Date: Thu, 21 Oct 2004 09:56:44 -0700 From: Kris Kennaway <kris@obsecurity.org> To: Roman Kennke <roman@ontographics.com> Cc: freebsd-current@FreeBSD.org Subject: Re: Error in /etc/pam.d/su ?? Message-ID: <20041021165644.GA9901@xor.obsecurity.org> In-Reply-To: <1098363412.1562.2.camel@moonlight> References: <1098363412.1562.2.camel@moonlight>
next in thread | previous in thread | raw e-mail | index | archive | help
--IS0zKkzwUGydFO0o Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Oct 21, 2004 at 02:56:52PM +0200, Roman Kennke wrote: > Hi there, >=20 > I just upgraded RELENG_5. Now it seems, that su lets me into root > without a passwd. > Checking /etc/pam.d/su it seems that there is an include control flag, > which isn't recognized: >=20 > auth include system > account include system >=20 > I suppose this must be changed to required or requisite? I am no PAM > expert, but this seems like a serious bug to me. If it's not recognized on your system, you haven't done a complete upgrade to RELENG_5 - it's been recognized there for a long time now. Kris --IS0zKkzwUGydFO0o Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (FreeBSD) iD8DBQFBd+pLWry0BWjoQKURAhv0AKC1wyqrM2pnFA2vpDMRqXyBco3wGgCdGyuc AQOCh1BaqZvl4ZPKCjvu08E= =mDFQ -----END PGP SIGNATURE----- --IS0zKkzwUGydFO0o--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20041021165644.GA9901>