[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: recent etch upgrade... sashroot (uid=0) started to impersonate uid=0 (root)

>>>>> "Yaroslav" == Yaroslav Halchenko <debian@onerussian.com> writes:

    Yaroslav> Just checked -- you are right. I thought since sshd is
    Yaroslav> running already and it is dyn linked against libpam, I
    Yaroslav> hoped that all required pam modules are loaded by
    Yaroslav> then... I was wrong... so indeed there is not much use
    Yaroslav> for login. I guess it is better to have some terminal
    Yaroslav> session with sash running to have constantly opened for
    Yaroslav> such occasions.

In which case, this extra sashroot user is pointless, and
automatically configuring it via a debconf question may introduce a
false sense of security.

(unless you modify/recompile login to bypass PAM checks in which case
it would be easy enough for a sysadmin to add the user entry).
Brian May <bam@snoopy.debian.net>

Reply to: