82ac6aaa29
To be secure, change behavior of the OTHER entries to warn and deny access to everything by stating pam_deny.so on all services. (From OE-Core rev: 4ca0af699b5b4b3cf95b3e76482651949fd922ac) Signed-off-by: Ming Liu <ming.liu@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
25 lines
816 B
Text
25 lines
816 B
Text
#
|
|
# /etc/pam.d/other - specify the PAM fallback behaviour
|
|
#
|
|
# Note that this file is used for any unspecified service; for example
|
|
#if /etc/pam.d/cron specifies no session modules but cron calls
|
|
#pam_open_session, the session module out of /etc/pam.d/other is
|
|
#used.
|
|
|
|
# We use pam_warn.so to generate syslog notes that the 'other'
|
|
#fallback rules are being used (as a hint to suggest you should setup
|
|
#specific PAM rules for the service and aid to debugging). Then to be
|
|
#secure, deny access to all services by default.
|
|
|
|
auth required pam_warn.so
|
|
auth required pam_deny.so
|
|
|
|
account required pam_warn.so
|
|
account required pam_deny.so
|
|
|
|
password required pam_warn.so
|
|
password required pam_deny.so
|
|
|
|
session required pam_warn.so
|
|
session required pam_deny.so
|