description

2025-01-26 00:35:55 -05:00 · 2019-12-12 09:39:39 -05:00 · 2019-12-12 09:39:39 -05:00 · 2d5ef378f3
commit 2d5ef378f3
parent 300f010fc2
1 changed files with 3 additions and 7 deletions
--- a/debian/control
+++ b/debian/control
@ -178,17 +178,13 @@ Description: enhances misc security settings
 /etc/securetty.security-misc
 .
  * Console Lockdown.
- Allow members of group 'console' to use console and members of group 'ssh'
- to receive incoming SSH connections. Everyone else except members of group
+ Allow members of group 'console' to use console.
+ Everyone else except members of group
 'console-unrestricted' are restricted from using console using ancient,
 unpopular login methods such as using /bin/login over networks, which might
 be exploitable. (CVE-2001-0797) Using pam_access.
 Not enabled by default in this package since this package does not know which
- users shall be added to group 'console' and/or 'ssh' and would break console,
- X Window System and ssh login since files in
- /usr/share/pam-configs/console-lockdown-security-misc result in modifications
- of /etc/pam.d/common-account file which not only applies to /etc/pam.d/login
- but also all other services such as /etc/pam.d/ssh.
+ users shall be added to group 'console' and would break console.
 /usr/share/pam-configs/console-lockdown-security-misc
 /etc/security/access-security-misc.conf
 .