Git-Mirrors/security-misc
1
0
Fork 0
mirror of https://github.com/Kicksecure/security-misc.git synced 2024-10-01 08:25:45 -04:00
Code Issues Packages Projects Releases Wiki Activity

description

Browse Source
This commit is contained in:
Patrick Schleizer 2019-12-08 01:30:42 -05:00
parent 491dd4d93d
commit 1464f01d19
No known key found for this signature in database
GPG Key ID: CB8D50BB77BB3C48
1 changed files with 8 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
debian/control vendored
View File

@ -173,13 +173,15 @@ Description: enhances misc security settings
/etc/securetty.security-misc
.
* Console Lockdown.
Allow members of group 'console' to use console. Everyone else except
members of group 'console-unrestricted' are restricted from using console
using ancient, unpopular login methods such as using /bin/login over networks,
which might be exploitable. (CVE-2001-0797) Using pam_access.
Allow members of group 'console' to use console and members of group 'ssh'
to receive incoming SSH connections. Everyone else except members of group
'console-unrestricted' are restricted from using console using ancient,
unpopular login methods such as using /bin/login over networks, which might
be exploitable. (CVE-2001-0797) Using pam_access.
Not enabled by default in this package since this package does not know which
users shall be added to group 'console' and would break ssh login since files
in /usr/share/pam-configs/console-lockdown result in modifications of
users shall be added to group 'console' and/or 'ssh' and would break console,
X Window System and ssh login since files in
/usr/share/pam-configs/console-lockdown result in modifications of
/etc/pam.d/common-account file which not only applies to /etc/pam.d/login but
also all other services such as /etc/pam.d/ssh.
/usr/share/pam-configs/console-lockdown