rpms / pam

Clone
Source Code
GIT

Blame pam-1.3.1-tty-audit-manfix.patch

f10 f11 f12 f13 f14 f15 f16 f17 f18 f19 f20 f21 f22 f23 f24 f25 f26 f27 f28 f29 f30 f31 f32 f33 f7 f8 f9 main rawhide
  1.   9d21ac175c12fbb80974588e3a88059c0d81316a
  2.   pam-1.3.1-tty-audit-manfix.patch
Blob History Raw
a9ef7f8 
From e31dd6c7d0faa7a06d3ebd50a0b6957b9f822d15 Mon Sep 17 00:00:00 2001
a9ef7f8 
From: Tomas Mraz <tmraz@fedoraproject.org>
a9ef7f8 
Date: Wed, 7 Aug 2019 18:13:57 +0200
a9ef7f8 
Subject: [PATCH] pam_tty_audit: Manual page clarification about password
a9ef7f8 
 logging
a9ef7f8
a9ef7f8 
* modules/pam_tty_audit/pam_tty_audit.8.xml: Explanation why passwords
a9ef7f8 
can be sometimes logged even when the option is not set.
a9ef7f8 
---
a9ef7f8 
 modules/pam_tty_audit/pam_tty_audit.8.xml | 7 +++++++
a9ef7f8 
 1 file changed, 7 insertions(+)
a9ef7f8
a9ef7f8 
diff --git a/modules/pam_tty_audit/pam_tty_audit.8.xml b/modules/pam_tty_audit/pam_tty_audit.8.xml
a9ef7f8 
index 59a3406..e346c68 100644
a9ef7f8 
--- a/modules/pam_tty_audit/pam_tty_audit.8.xml
a9ef7f8 
+++ b/modules/pam_tty_audit/pam_tty_audit.8.xml
a9ef7f8 
@@ -149,6 +149,13 @@
a9ef7f8 
       greater than or equal to <replaceable>min_uid</replaceable> will be
a9ef7f8 
       matched.
a9ef7f8 
     </para>
a9ef7f8 
+    <para>
a9ef7f8 
+      Please note that passwords in some circumstances may be logged by TTY auditing
a9ef7f8 
+      even if the <option>log_passwd</option> is not used. For example, all input to
a9ef7f8 
+      an ssh session will be logged - even if there is a password being typed into
a9ef7f8 
+      some software running at the remote host because only the local TTY state
a9ef7f8 
+      affects the local TTY auditing.
a9ef7f8 
+    </para>
a9ef7f8 
   </refsect1>
a9ef7f8
a9ef7f8 
   <refsect1 id='pam_tty_audit-examples'>
a9ef7f8 
--
a9ef7f8 
2.20.1
a9ef7f8
Powered by Pagure 5.14.1
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.