Bug#440955: gnome-screensaver: fails with pam_unix2
Josselin Mouette
joss at debian.org
Wed Sep 19 13:28:26 UTC 2007
severity 440955 important
thanks
Le mercredi 05 septembre 2007 à 13:12 -0500, Marcos Pinto a écrit :
> Package: gnome-screensaver
> Severity: grave
> Justification: renders package unusable
>
> when using pam_unix2 for better security, gnome-screensaver fails
> to unlock and always reports an invalid password. this is because
> /etc/shadow is "-rw-r----- 1 root shadow" and gnome-screensaver
> is not in the shadow group by default and apparently cant read
> the file
Erm, I fail to see how making a binary setgid to give it the right to
read passwords would actually *improve* security...
--
.''`. Josselin Mouette /\./\
: :' : josselin.mouette at ens-lyon.org
`. `' joss at debian.org
`- Debian GNU/Linux -- The power of freedom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Ceci est une partie de message
=?ISO-8859-1?Q?num=E9riquement?= =?ISO-8859-1?Q?_sign=E9e?=
Url : http://lists.alioth.debian.org/pipermail/pkg-gnome-maintainers/attachments/20070919/6a004ad2/attachment.pgp
More information about the pkg-gnome-maintainers
mailing list