|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Scott Dier (dieman
ringworld.org)Date: Tue Oct 23 2001 - 14:49:54 CDT
* Solar Designer <solaropenwall.com> [011023 09:29]:
> least one PAM'ified version of su(1) is suitable for the attack: the
> one that is included in the shadow suite and used on Debian. I also
On debian unstable/testing, the 'shadow-login' package does not exist,
and only the 'login' package exists. AFAIK, this only has the PAM-based
su in it.
On Progeny's newton release, this is also true.
On debian potato, it appears that the su there is also from pam.
Could you please cite the version of Debian next time? Your the second
person this month I've had to remind of this.
Hence, I believe the statment is refrencing a older version of stable,
users of 'stale' stable distributions should be advised that security
updates aren't given for anything but the 'current' stable version, and
that they should upgrade to potato.
-- Scott Dier <diemanJust say NO to Product Activation!
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]