[Pkg-shadow-devel] Bug#731656: Please disable securetty by default
Josh Triplett
josh at joshtriplett.org
Sat Dec 7 23:13:28 UTC 2013
Package: login
Version: 1:4.1.5.1-1
Severity: wishlist
securetty dates back to the days when people still logged into systems
via telnet and rlogin. These days, remote access occurs via SSH, which
has its own configuration mechanism to determine whether to allow root
logins (including more flexible approaches such as disallowing root
logins by password but allowing them by key). And any local TTY should
be considered a securetty by definition. Thus, I don't think securetty
has any value anymore as part of the default configuration of login. I
would suggest removing it by default.
Thanks,
Josh Triplett
-- System Information:
Debian Release: jessie/sid
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 3.11-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages login depends on:
ii libc6 2.17-97
ii libpam-modules 1.1.3-10
ii libpam-runtime 1.1.3-10
ii libpam0g 1.1.3-10
login recommends no packages.
login suggests no packages.
-- no debconf information
More information about the Pkg-shadow-devel
mailing list