|
Bugzilla – Full Text Bug Listing |
| Summary: | kscreenlocker6: PAM configuration files with pam_loginuid.so which should be unnecessary | ||
|---|---|---|---|
| Product: | [Novell Products] SUSE Security Incidents | Reporter: | Matthias Gerstner <matthias.gerstner> |
| Component: | Audits | Assignee: | Christophe Marin <christophe> |
| Status: | RESOLVED FIXED | QA Contact: | Security Team bot <security-team> |
| Severity: | Normal | ||
| Priority: | P5 - None | CC: | opensuse-kde-bugs, security-team |
| Version: | unspecified | ||
| Target Milestone: | --- | ||
| Hardware: | Other | ||
| OS: | Other | ||
| Whiteboard: | |||
| Found By: | --- | Services Priority: | |
| Business Priority: | Blocker: | --- | |
| Marketing QA Status: | --- | IT Deployment: | --- |
|
Description
Matthias Gerstner
2023-11-15 13:13:47 UTC
I'm looking into this. These are just two custom PAM configuration files. On first sight nothing problematic. The PAM configuration files are pretty straight forward. However I believe that the `pam_loginuid.so` does not belong in there. This is only supposed to be used for "entry applications" like login, gdm etc. But kscreenlocker isn't an entry application, or is it? Since these files are part of the packaging I reassign this bug to you. Whitelisting is not required for this. The PAM configuration files in KDE:Frameworks/kscreenlocker6 still are the same. Moving this bug out of the whitelisting tracker bug since there is no whitelisting required. session mechanisms were dropped |