default PAM settings
I am working on LDAPifying a machine through PAM. The docs in pam-docs
mention implementing a default policy using pam_deny.so and/or
pam_warn.so(See 4.4 in pam-4.html). I'm just getting my feet wet with
PAM, but I don't see any kind of default PAM policy implemented in
the packages in unstable. Perhaps there is an implicit policy to
log and deny?
In the interest of security, should the debs have an explicit default PAM
policy? Log and deny perhaps? If not, why?
Nathan Valentine - email@example.com
Jabber: NRVesKY AIM: NRVesKY ICQ: 39023424