Bug#93200: Debian bug #139579: fixed upstream (+info)

To: 93200@bugs.debian.org, Joey Hess <joeyh@debian.org>, 139579@bugs.debian.org
Subject: Bug#93200: Debian bug #139579: fixed upstream (+info)
From: Darren Tucker <dtucker@zip.com.au>
Date: Thu, 01 Jul 2004 14:48:21 +1000
Message-id: <40E39795.2020404@zip.com.au>
Reply-to: Darren Tucker <dtucker@zip.com.au>, 93200@bugs.debian.org

Hi.

I've just commited an upstream fix for this "ssh: PermitEmptyPasswordsseems to have no effect" for the keyboard-interactive case. (This isupstream's auth-pam.c 1.109 -> 1.110).

One thing I did find is that the pam_unix.so flag "nullok" overridesthe PAM_DISALLOW_NULL_AUTHTOK flag passed to the pam_authenticate()function. This appears to be a bug in PAM (the right behaviour wouldseem to be the *least* permissive of the two).


--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

Reply to:

Next by Date: Bug#63460: ssh calls pam_open_session in defferent process than setuid
Next by thread: Bug#63460: ssh calls pam_open_session in defferent process than setuid
Index(es):
- Date
- Thread