mirrors/security-misc
1
0
Fork 0
mirror of https://github.com/Kicksecure/security-misc.git synced 2025-07-14 18:00:54 +07:00
Code Issues Packages Projects Releases Wiki Activity
Files
24423b42f0dc23704bddbb0f205ad3115e77d90f
security-misc/usr/share/pam-configs/console-lockdown-security-misc

7 lines
216 B
Plaintext
Raw Normal View History

Console Lockdown. Allow members of group 'console' to use tty1 to tty7. Everyone else except members of group 'console-unrestricted' are restricted from using console using ancient, unpopular login methods such as using /bin/login over networks, which might be exploitable. (CVE-2001-0797) Not enabled by default in this package since this package does not know which users shall be added to group 'console'. In new Whonix builds, user 'user" will be added to group 'console' and pam console-lockdown enabled by package anon-base-files. /usr/share/pam-configs/console-lockdown /etc/security/access-security-misc.conf https://forums.whonix.org/t/etc-security-hardening/8592
2019-12-07 05:40:20 -05:00
Name: allow only members of group console to login (by package security-misc)
Default: no
Priority: 280
Account-Type: Primary
Account:
required pam_access.so accessfile=/etc/security/access-security-misc.conf debug
Reference in New Issue Copy Permalink