description

This commit is contained in:
Patrick Schleizer 2019-07-31 07:32:36 +00:00
parent 2ad087dcd9
commit 09f75fb1ff
No known key found for this signature in database
GPG Key ID: CB8D50BB77BB3C48

9
debian/control vendored
View File

@ -105,12 +105,13 @@ Description: enhances misc security settings
.
restricts access to the root account:
.
* `su` is restricted to only users within the sudo group which prevents users
from using su to gain root access or switch user accounts.
* `su` is restricted to only users within the group `sudo` which prevents
users from using `su` to gain root access or to switch user accounts.
/usr/share/pam-configs/security-misc
(Which results in a change in /etc/pam.d/common-auth.)
(Which results in a change in file `/etc/pam.d/common-auth`.)
.
* Add user `root` to group `sudo`.
* Add user `root` to group `sudo`. This is required to make above work so
login as a user in a virtual console is still possible.
debian/security-misc.postinst
.
* Lock user accounts after 5 failed login attempts using pam_tally2.