1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
|
Description: fix cve-2010-4708: .pam_environment privilege issue
Index: pam/modules/pam_env/pam_env.c
===================================================================
--- pam.orig/modules/pam_env/pam_env.c
+++ pam/modules/pam_env/pam_env.c
@@ -10,7 +10,7 @@
#define DEFAULT_READ_ENVFILE 1
#define DEFAULT_USER_ENVFILE ".pam_environment"
-#define DEFAULT_USER_READ_ENVFILE 1
+#define DEFAULT_USER_READ_ENVFILE 0
#include "config.h"
Index: pam/modules/pam_env/pam_env.8.xml
===================================================================
--- pam.orig/modules/pam_env/pam_env.8.xml
+++ pam/modules/pam_env/pam_env.8.xml
@@ -158,7 +158,7 @@
<listitem>
<para>
Turns on or off the reading of the user specific environment
- file. 0 is off, 1 is on. By default this option is on.
+ file. 0 is off, 1 is on. By default this option is off.
</para>
</listitem>
</varlistentry>
Index: pam/modules/pam_env/pam_env.8
===================================================================
--- pam.orig/modules/pam_env/pam_env.8
+++ pam/modules/pam_env/pam_env.8
@@ -101,7 +101,7 @@
.PP
\fBuser_readenv=\fR\fB\fI0|1\fR\fR
.RS 4
-Turns on or off the reading of the user specific environment file\&. 0 is off, 1 is on\&. By default this option is on\&.
+Turns on or off the reading of the user specific environment file\&. 0 is off, 1 is on\&. By default this option is off\&.
.RE
.SH "MODULE TYPES PROVIDED"
.PP
Index: pam/modules/pam_env/README
===================================================================
--- pam.orig/modules/pam_env/README
+++ pam/modules/pam_env/README
@@ -57,7 +57,7 @@
user_readenv=0|1
Turns on or off the reading of the user specific environment file. 0 is
- off, 1 is on. By default this option is on.
+ off, 1 is on. By default this option is off.
EXAMPLES
|