Your message dated Mon, 15 Jul 2019 22:43:28 +0200
with message-id
<cak0odpxzekeedzz1fuc_yw8ofthjf7oahta7epup92gb+pf...@mail.gmail.com>
and subject line Re: [Pkg-shadow-devel] Bug#914957: login: removal of pts/*
from /etc/securetty wasn't applied in stretch
has caused the Debian Bug report #914957,
regarding login: removal of pts/* from /etc/securetty wasn't applied in stretch
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
914957: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914957
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: login
Version: 1:4.4-4.1
Severity: grave
Tags: security
Justification: user security hole
The addition of pts/* to /etc/securetty was reverted in 1:4.5-1 but
*not* in packages installed to stretch. Please backport this fix to
1:4.4-*
-- System Information:
Debian Release: 9.6
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 4.18.0-0.bpo.1-amd64 (SMP w/16 CPU cores)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8),
LANGUAGE=en_AU:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages login depends on:
ii libaudit1 1:2.6.7-2
ii libc6 2.24-11+deb9u3
ii libpam-modules 1.1.8-3.6
ii libpam-runtime 1.1.8-3.6
ii libpam0g 1.1.8-3.6
login recommends no packages.
login suggests no packages.
-- no debconf information
--- End Message ---
--- Begin Message ---
Hi Michael,
Michael Biebl <[email protected]> ezt írta (időpont: 2018. dec. 9., V, 0:37):
>
> On Sat, 8 Dec 2018 21:57:11 +0100 =?UTF-8?B?QsOhbGludCBSw6ljemV5?=
> <[email protected]> wrote:
> > While I believe securetty should be disabled by default
>
> Fwiw, I agree that securetty is a bad idea and should be removed from
> the default pam configuration.
> There is a login-standing bug report, documenting that securetty breaks
> "machinectl login" [1] fwiw.
>
> Can we please revisit this and drop securetty from /etc/pam.d/login for
> buster?
Unfortunately this missed Buster, but it is at least done for Bullseye
and later.
Cheers,
Balint
>
> Regards,
> Michael
>
>
> [1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771675#20
> --
> Why is it that all of the instruments seeking intelligent life in the
> universe are pointed away from Earth?
>
--- End Message ---
_______________________________________________
Pkg-shadow-devel mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-shadow-devel
