pam_access: hostname vs. terminal
Vladimir A. Pavlov
pv.root at gmail.com
Mon Sep 11 16:59:55 UTC 2006
On Monday 11 September 2006 02:42, Pablo Graziano wrote:
> Can't you just specify which tty's root is allowed to login from
> in the /etc/securetty file?
I can but isn't using /etc/security/access.conf the right way? I
thought /etc/securetty was deprecated.
Besides,
> Isn't it a security hole that the module cannot tell the difference
> between a terminal and a host name?
Cannot an attacker create a DNS record for non-existing tty2 hostname
and login from it?
--
Nothing but perfection
pv
More information about the Pam-list
mailing list