From owner-freebsd-security  Mon Nov  1  9:47:40 1999
Delivered-To: freebsd-security@freebsd.org
Received: from axl.noc.iafrica.com (axl.noc.iafrica.com [196.31.1.175])
	by hub.freebsd.org (Postfix) with ESMTP id 28A7714F16
	for <security@freebsd.org>; Mon,  1 Nov 1999 09:47:28 -0800 (PST)
	(envelope-from sheldonh@axl.noc.iafrica.com)
Received: from sheldonh (helo=axl.noc.iafrica.com)
	by axl.noc.iafrica.com with local-esmtp (Exim 3.040 #1)
	id 11iLXy-000PEv-00; Mon, 01 Nov 1999 19:47:10 +0200
From: Sheldon Hearn <sheldonh@uunet.co.za>
To: VicTor Ponomarev <vick@unet.ru>
Cc: security@FreeBSD.ORG
Subject: Re: PAM and security hole in 3.3 stable 
In-reply-to: Your message of "Mon, 01 Nov 1999 17:25:54 +0300."
             <381DA2F1.5CA8A8D@unet.ru> 
Date: Mon, 01 Nov 1999 19:47:10 +0200
Message-ID: <97024.941478430@axl.noc.iafrica.com>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org



On Mon, 01 Nov 1999 17:25:54 +0300, VicTor Ponomarev wrote:

> Comment  line
> login auth required pam_unix.so   try_first_pas
> in pam.conf and you can login from any terminal without password.

When you comment that line out out of the stock pam.conf, there are no
required authentication methods configured. Looks like it DTRT to me.

Ciao,
Sheldon.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message