default PAM settings

To: <debian-security@lists.debian.org>
Subject: default PAM settings
From: "Nathan Valentine" <nathan@nathanvalentine.org>
Date: Fri, 16 Nov 2001 13:32:21 -0500 (EST)
Message-id: <[🔎] 1863.207.246.71.134.1005935541.squirrel@www.nathanvalentine.org>
Reply-to: nathan@nathanvalentine.org

I am working on LDAPifying a machine through PAM. The docs in pam-docs
mention implementing a default policy using pam_deny.so and/or
pam_warn.so(See 4.4 in pam-4.html). I'm just getting my feet wet with
PAM, but I don't see any kind of default PAM policy implemented in
the packages in unstable. Perhaps there is an implicit policy to
log and deny?

In the interest of security, should the debs have an explicit default PAM
policy? Log and deny perhaps? If not, why?



-- 
Nathan Valentine - nathan@nathanvalentine.org
Jabber: NRVesKY AIM: NRVesKY ICQ: 39023424

Reply to:

Follow-Ups:
- Re: default PAM settings
  - From: "Nathan Valentine" <nathan@nathanvalentine.org>

Prev by Date: Re: Root is God? (was: Mutt & tmp files)
Next by Date: Re: default PAM settings
Previous by thread: Re: Root is God? (was: Mutt & tmp files)
Next by thread: Re: default PAM settings
Index(es):
- Date
- Thread