[Pkg-shadow-commits] r679 - trunk/debian/patches
Christian Perrier
bubulle at costa.debian.org
Sat Dec 3 06:52:52 UTC 2005
Author: bubulle
Date: 2005-12-03 06:52:52 +0000 (Sat, 03 Dec 2005)
New Revision: 679
Added:
trunk/debian/patches/321_login.1_pishing
Removed:
trunk/debian/patches/421_login.1_pishing
Log:
Move fixed patch to 3xx series
Copied: trunk/debian/patches/321_login.1_pishing (from rev 678, trunk/debian/patches/421_login.1_pishing)
Deleted: trunk/debian/patches/421_login.1_pishing
===================================================================
--- trunk/debian/patches/421_login.1_pishing 2005-12-03 06:52:30 UTC (rev 678)
+++ trunk/debian/patches/421_login.1_pishing 2005-12-03 06:52:52 UTC (rev 679)
@@ -1,24 +0,0 @@
-Goal: document how to initiate a trusted path on linux.
-Fixes: #305600 by documenting that the answer is in the kernel.
-
-Status wrt upstream: Fixed in 4.0.14
-
-Index: shadow-4.0.13/man/login.1.xml
-===================================================================
---- shadow-4.0.13.orig/man/login.1.xml 2005-10-04 08:07:13.018678338 +0200
-+++ shadow-4.0.13/man/login.1.xml 2005-10-04 08:07:33.744455350 +0200
-@@ -184,6 +184,14 @@
- will continue to appear to be logged in even after you log out of the
- "subsession".
- </para>
-+
-+ <para>As any program, <command>login</command> appearance could be faked.
-+ If non-trusted users have a physical access to the machine, an attacker
-+ could use this to obtain the password of the next person sitting in front
-+ of the machine. Under Linux, the SAK mecanism can be used by users to
-+ initiate of a trusted path and prevent this kind of attack.
-+ </para>
-+
- </refsect1>
-
- <refsect1 id='files'>
More information about the Pkg-shadow-commits
mailing list