I am working on LDAPifying a machine through PAM. The docs in pam-docs mention implementing a default policy using pam_deny.so and/or pam_warn.so(See 4.4 in pam-4.html). I'm just getting my feet wet with PAM, but I don't see any kind of default PAM policy implemented in the packages in unstable. Perhaps there is an implicit policy to log and deny?
In the interest of security, should the debs have an explicit default PAM policy? Log and deny perhaps? If not, why? -- Nathan Valentine - [EMAIL PROTECTED] Jabber: NRVesKY AIM: NRVesKY ICQ: 39023424
