[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

default PAM settings

I am working on LDAPifying a machine through PAM. The docs in pam-docs
mention implementing a default policy using pam_deny.so and/or
pam_warn.so(See 4.4 in pam-4.html). I'm just getting my feet wet with
PAM, but I don't see any kind of default PAM policy implemented in
the packages in unstable. Perhaps there is an implicit policy to
log and deny?

In the interest of security, should the debs have an explicit default PAM
policy? Log and deny perhaps? If not, why?

Nathan Valentine - nathan@nathanvalentine.org
Jabber: NRVesKY AIM: NRVesKY ICQ: 39023424

Reply to: