Your message dated Tue, 26 Jan 2010 22:27:41 +0000
with message-id <[email protected]>
and subject line Bug#561448: fixed in libpam-alreadyloggedin 0.3-2
has caused the Debian Bug report #561448,
regarding libpam-alreadyloggedin: Fake sense of security?
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
561448: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=561448
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: libpam-alreadyloggedin
Version: 0.3-1
Severity: important
Hello,
I am seriously concerned by the fake sense of security that such tool
provides (I must say that some other pam modules are scarry).
For instance, using vlock and libpam-alreadyloggedin on the same machine
provides the same level of security as a blank password, if not less.
As of 2009, where most people use either XWindow/ssh/screen, I see little
benefit using this tool (YMMV).
Please, add appropriate warning to this package description and README.
Thank you for your effort.
Franklin
BTW, It is recommended to submit an ITP bug before uploading a new
package in the archive, so other DDs can provide feed-back.
--- End Message ---
--- Begin Message ---
Source: libpam-alreadyloggedin
Source-Version: 0.3-2
We believe that the bug you reported is fixed in the latest version of
libpam-alreadyloggedin, which is due to be installed in the Debian FTP archive:
libpam-alreadyloggedin_0.3-2.debian.tar.gz
to main/libp/libpam-alreadyloggedin/libpam-alreadyloggedin_0.3-2.debian.tar.gz
libpam-alreadyloggedin_0.3-2.dsc
to main/libp/libpam-alreadyloggedin/libpam-alreadyloggedin_0.3-2.dsc
libpam-alreadyloggedin_0.3-2_kfreebsd-i386.deb
to
main/libp/libpam-alreadyloggedin/libpam-alreadyloggedin_0.3-2_kfreebsd-i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Jakub Wilk <[email protected]> (supplier of updated libpam-alreadyloggedin
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 26 Jan 2010 17:29:43 +0100
Source: libpam-alreadyloggedin
Binary: libpam-alreadyloggedin
Architecture: source kfreebsd-i386
Version: 0.3-2
Distribution: unstable
Urgency: low
Maintainer: Jakub Wilk <[email protected]>
Changed-By: Jakub Wilk <[email protected]>
Description:
libpam-alreadyloggedin - PAM module to skip password authentication for logged
users
Closes: 561448
Changes:
libpam-alreadyloggedin (0.3-2) unstable; urgency=low
.
* Switch to source format 3.0 (quilt).
* Bump standards version to 3.8.3, no changes needed.
* Convert debian/copyright to the DEP-5 format.
* Don't use MAXPATHLEN constant, as it's not available on Hurd.
* Add security notes to package description and README.Debian
(closes: #561448). Thanks to Frank Lin PIAT for raising his concerns.
* Link using gcc rather than ld.
Checksums-Sha1:
b56d486155478482ef90ab59310e7321ec0533fe 1789 libpam-alreadyloggedin_0.3-2.dsc
1b12911ee64eadde44b0833887380a5d5a6a7156 3976
libpam-alreadyloggedin_0.3-2.debian.tar.gz
ede6fa4e715d99af956306e4a6376468ff8bd1ad 9106
libpam-alreadyloggedin_0.3-2_kfreebsd-i386.deb
Checksums-Sha256:
ec78e81c84e6f535346c485e24be3ce7f1ea96ee152eea0941e7494d34e7f644 1789
libpam-alreadyloggedin_0.3-2.dsc
c83d25237aafc1c0d9a135cac1d6eaa5bf90671295816b7863bd35d7f210588e 3976
libpam-alreadyloggedin_0.3-2.debian.tar.gz
98188896abadb28755c5497fccae7098efbf2d0033c20ec15a2660acfa7df4f0 9106
libpam-alreadyloggedin_0.3-2_kfreebsd-i386.deb
Files:
0c4859507aedc5c3524571ada2505fab 1789 admin extra
libpam-alreadyloggedin_0.3-2.dsc
dccbca368b0d2d775cfa10ef55c7d2be 3976 admin extra
libpam-alreadyloggedin_0.3-2.debian.tar.gz
6763cac6d376bc84ce5634e7d823029a 9106 admin extra
libpam-alreadyloggedin_0.3-2_kfreebsd-i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/kFreeBSD)
iQIcBAEBCgAGBQJLX18KAAoJEKv/7bJACMb55AgP/j7buOi131qnGzLokXl3/Bdw
mZN4I/5JCLLHBH1V0MgTr21oEFM4awjwUaXYpQ/WofYcaFRJF27mIaS8gfbV+zmB
bbMhbO2d3+mzgY1285YKaN+EftLJoQ0pyRbmTCvmOCWH+TPdsZfmxhA8U2DW1lvA
Fw2w5Z2lW76Kg+1+EcIpIbiYD802M3zuDn/XAqRgrEB3rtXIx8GOHFN9gZg+XCsd
Rw6hVg08Bc21/C6TT8WwpuMH1U5CI9ukHu5ZIe3ifEuJywlj7eczuShnIw3au/Gl
Zm/H8TGgGe2fmUjgC6ow3inXA6O3qS1EeWd34BVJmMDjsNnyV/7xkV+sdm2QXUuO
rhS2nLkd1q/v1pprPwlByL8jkUNG3BDB+qFa9qi46P/3qg1Ms/9ilfwjYkZopG3u
tNnoVxhdNV6iUSC6vgjaNXlhEn9SXohSDQdsGDULh5VKhwZQSaVLO9DaXfSUlZS3
TSLkHDLMKCtf9jpYtjjZepyCatziCj3OFyxVgYvfDiUH7HvLSmZiw5PuM3XOM//w
BLVnsV0as0uFVXlEAL8abvV58no5jZSCUjHFpoZVesm3ubdDOY6PB3CRufAJACu0
kLOsPZq1dyRxhk0fz03nQdUiKSVh/B46eYsubw3BSn3f6haVzgrKMxsrjGSR/qua
FctAZ1AQShaqd8CjXPIq
=I1On
-----END PGP SIGNATURE-----
--- End Message ---
