FS#40144 : [kdebase-workspace] kscreensaver.pam uses inconsistent authentiation modules

FS#40144 - [kdebase-workspace] kscreensaver.pam uses inconsistent authentiation modules

Attached to Project: Arch Linux
Opened by Daniel Albers (al) - Tuesday, 29 April 2014, 19:34 GMT
Last edited by Andrea Scarpino (BaSh) - Friday, 02 May 2014, 08:31 GMT

Task Type	Bug Report
Category	Packages: Extra
Status	Closed
Assigned To	Andrea Scarpino (BaSh)
Architecture	All
Severity	Medium
Priority	Normal
Reported Version
Due in Version	Undecided
Due Date	Undecided
Percent Complete
Votes	0
Private	No

Details

Description: kdebase-workspace ships with a kscreensaver PAM configuration that depends only on pam_unix_auth.so.
Strictly speaking this is a security issue, if PAM configuration for system-login requires more/other PAM modules, but it's at least unexpected.

kscreensaver.pam should be dropped or at least reference system-login.

This task depends upon

Closed by Andrea Scarpino (BaSh)
Friday, 02 May 2014, 08:31 GMT
Reason for closing: Fixed
Additional comments about closing: kdebase-workspace 4.11.9-2

Comment by Andrea Scarpino (BaSh) - Tuesday, 29 April 2014, 20:08 GMT

Hi, thanks for the report.

I don't know how to properly fix this, should I just replace its content with 'auth include system-login'?

Comment by Daniel Albers (al) - Tuesday, 29 April 2014, 20:16 GMT

Yes, that would be better. Maybe 'auth include system-auth' would be sufficient, too. This is what xscreensaver uses.

	Tasks related to this task (0)

Duplicate tasks of this task (0)

Arch Linux

FS#40144 - [kdebase-workspace] kscreensaver.pam uses inconsistent authentiation modules

Details

Loading...