[Pkg-shadow-devel] Bug#989919: login: consider setting PAM's user_readenv=1
Christoph Anton Mitterer
calestyo at scientia.org
Sat Apr 9 20:17:51 BST 2022
At least one should consult the people from the security team and
perhaps anyone who was concerned back then with fixing #611136
Btw: I forgot to tell in this ticket here, that in:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=784158#49
Yves-Alexis Perez came up with the idea, that setting user_readenv=1
(if safe) should go to:
/etc/pam.d/common-session
In:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=784158#58
I've CC'ed PAM maintainers... asking for whether this could be done.
I guess that would be a general solution, an make this here obsolete.
Cheers,
Chris.
More information about the Pkg-shadow-devel
mailing list