[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Any Account Logs In With Any Password

On Mon, 25 Oct 2010, Michael Loftis wrote:
> checks prior to this indicate a soft success.  If you remove
> authentication from your system, its expected that any attempt to
> access will pass, barring and specific denial.

If I remove authentication from my system, I expect it to tell me to get
lost, as that is the _only_ safe failure scenario.  Recovery is supposed to
be done through single-user mode and sulogin in that case (if you don't have
a root window already open somewhere, that is).

This fail-unsafe behaviour looks like it is a "feature" of the default
config being shipped in /etc/pam.d/common-*.  I wonder what is the
justification behind that decision...

  "One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie." -- The Silicon Valley Tarot
  Henrique Holschuh

Reply to: