Hello,

On Debian, login uses pam_securetty as a requisite module. The reason for this is to fail immediately if the tty is not secure, to avoid prompting for a password on an insecure line.

In Linux-PAM-0_99_1_0 (pam_securetty.c revision 1.8), the return value of the authentication function was changed from PAM_IGNORE to PAM_USER_UNKNOWN. When pam_securetty is a requisite module, this means that the authentication will fail immediately if the user does not exist in the system. This might indicate to an attacker that the given user does not exist.

What was the rationale for changing the return value from PAM_IGNORE to PAM_USER_UNKNOWN? (BTW, the pam_securetty manpage needs an update.)

I would prefer that pam_securetty fail only if the tty is not secure and the user is root or unknown, and to leave the user authentication / check for validity to the pam_unix module.

Best Regards,
--
Nekral
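The behaviour described in the message above, as an added example that is not part of the original post or of Linux-PAM: a simplified Python model of how the control flag on pam_securetty decides whether the stack ever reaches pam_unix and its password prompt. The module return values are constructed by hand, and the bracket-style control `NO_EARLY_EXIT` is a hypothetical alternative written in pam.conf(5) syntax, not something the message proposes.

```python
# Simplified model of Linux-PAM control-flag handling for an "auth" stack.
# Module results are constructed by hand; no real PAM modules are called.

# pam.conf(5) documents "requisite" and "required" as these bracket forms.
REQUISITE = {"success": "ok", "new_authtok_reqd": "ok",
             "ignore": "ignore", "default": "die"}
REQUIRED = dict(REQUISITE, default="bad")
# Hypothetical alternative: an unknown user marks the stack as failed
# but does not stop it, so pam_unix still runs and prompts.
NO_EARLY_EXIT = dict(REQUISITE, user_unknown="bad")


def run_auth_stack(stack, results):
    """stack: list of (control, module); results: module -> return name.
    Returns (modules_called, outcome), outcome being 'success' or 'failure'."""
    called, state = [], None          # state: None, "ok" or "bad"
    for control, module in stack:
        called.append(module)
        action = control.get(results[module], control["default"])
        if action == "die":           # fail now, skip the remaining modules
            return called, "failure"
        if action == "bad":           # remember the failure, keep going
            state = "bad"
        elif action == "ok" and state is None:
            state = "ok"
        # "ignore" leaves the state untouched
    return called, "success" if state == "ok" else "failure"


def scenario(securetty_control, securetty_ret, unix_ret):
    """Two-module login stack: pam_securetty first, then pam_unix."""
    stack = [(securetty_control, "pam_securetty"), (REQUIRED, "pam_unix")]
    return run_auth_stack(stack, {"pam_securetty": securetty_ret,
                                  "pam_unix": unix_ret})


if __name__ == "__main__":
    cases = {
        "unknown user, requisite, PAM_USER_UNKNOWN":
            (REQUISITE, "user_unknown", "user_unknown"),
        "unknown user, requisite, PAM_IGNORE":
            (REQUISITE, "ignore", "user_unknown"),
        "unknown user, user_unknown=bad":
            (NO_EARLY_EXIT, "user_unknown", "user_unknown"),
        "existing user, wrong password":
            (REQUISITE, "success", "auth_err"),
    }
    for name, args in cases.items():
        called, outcome = scenario(*args)
        print(f"{name}: called={called} outcome={outcome}")
```

Only the first case stops before pam_unix is called; in the other three the same modules run and the outcome is the same failure, so an existing account with a wrong password and a nonexistent account look alike.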