Re: recent etch upgrade... sashroot (uid=0) started to impersonate uid=0 (root)
>>>>> "Yaroslav" == Yaroslav Halchenko <debian@onerussian.com> writes:
Yaroslav> Just checked -- you are right. I thought since sshd is
Yaroslav> running already and it is dyn linked against libpam, I
Yaroslav> hoped that all required pam modules are loaded by
Yaroslav> then... I was wrong... so indeed there is not much use
Yaroslav> for login. I guess it is better to have some terminal
Yaroslav> session with sash running to have constantly opened for
Yaroslav> such occasions.
In which case, this extra sashroot user is pointless, and
automatically configuring it via a debconf question may introduce a
false sense of security.
(unless you modify/recompile login to bypass PAM checks in which case
it would be easy enough for a sysadmin to add the user entry).
--
Brian May <bam@snoopy.debian.net>
Reply to: