Re: Bug#156257: ITP: libpam-ssh -- SSH key authentication and single sign-on via PAM
On Sun, Aug 11, 2002 at 09:27:31AM +0300, Sami Haahtinen wrote:
> I argee with Russell that the package should come with a BIG warning
> sign.
well, if you have writ access to the users home you can always take over his
account. For example a trojan .bashrc. It would be a bit more easy with ssh
pam, but not much more. I do not think we should warn the user in debconf
time. But we should not enable the module on default.
Greetings
Bernd
Reply to: