paul Posted June 4, 2007 Report Share Posted June 4, 2007 login in util-linux-2.12a (and later versions) skips pam_acct_mgmt and chauth_tok when authentication is skipped, such as when a Kerberos krlogin session has been established, which might allow users to bypass intended access policies that would be enforced by pam_acct_mgmt and chauth_tok. Updated packages have been patched to address this issue. Link to comment Share on other sites More sharing options...
Recommended Posts