summaryrefslogtreecommitdiff
path: root/extra/source/pam/patches/pam-1.1.3-nouserenv.patch
diff options
context:
space:
mode:
Diffstat (limited to 'extra/source/pam/patches/pam-1.1.3-nouserenv.patch')
-rw-r--r--extra/source/pam/patches/pam-1.1.3-nouserenv.patch27
1 files changed, 27 insertions, 0 deletions
diff --git a/extra/source/pam/patches/pam-1.1.3-nouserenv.patch b/extra/source/pam/patches/pam-1.1.3-nouserenv.patch
new file mode 100644
index 00000000..f3a742c8
--- /dev/null
+++ b/extra/source/pam/patches/pam-1.1.3-nouserenv.patch
@@ -0,0 +1,27 @@
+diff -up pam/modules/pam_env/pam_env.c.nouserenv pam/modules/pam_env/pam_env.c
+--- pam/modules/pam_env/pam_env.c.nouserenv 2010-10-20 09:59:30.000000000 +0200
++++ pam/modules/pam_env/pam_env.c 2010-11-01 14:42:01.000000000 +0100
+@@ -10,7 +10,7 @@
+ #define DEFAULT_READ_ENVFILE 1
+
+ #define DEFAULT_USER_ENVFILE ".pam_environment"
+-#define DEFAULT_USER_READ_ENVFILE 1
++#define DEFAULT_USER_READ_ENVFILE 0
+
+ #include "config.h"
+
+diff -up pam/modules/pam_env/pam_env.8.xml.nouserenv pam/modules/pam_env/pam_env.8.xml
+--- pam/modules/pam_env/pam_env.8.xml.nouserenv 2010-10-20 09:59:30.000000000 +0200
++++ pam/modules/pam_env/pam_env.8.xml 2010-11-01 14:42:01.000000000 +0100
+@@ -147,7 +147,10 @@
+ <listitem>
+ <para>
+ Turns on or off the reading of the user specific environment
+- file. 0 is off, 1 is on. By default this option is on.
++ file. 0 is off, 1 is on. By default this option is off as user
++ supplied environment variables in the PAM environment could affect
++ behavior of subsequent modules in the stack without the consent
++ of the system administrator.
+ </para>
+ </listitem>
+ </varlistentry>