| 1 |
Max R.D. Parmer <maxp <at> trystero.is> writes: |
| 2 |
|
| 3 |
|
| 4 |
> > Which file contains the purported malaised default configration? |
| 5 |
> > I just want to manually inspect it and verify for myself. |
| 6 |
|
| 7 |
> /etc/pam.d/system-auth which is provided by pambase: |
| 8 |
> https://gitweb.gentoo.org/proj/pambase.git/ |
| 9 |
|
| 10 |
|
| 11 |
Huh. I looked at that and concluded it could not possibly be the problem. |
| 12 |
|
| 13 |
I went a bit deeper at coreOS and found that they are using |
| 14 |
|
| 15 |
pambase-20101024 from 2010. Double_huh. I had heard they were behind |
| 16 |
on updating may ebuilds, but that is ridiculous. Here are the details |
| 17 |
should anyone be interested:: |
| 18 |
|
| 19 |
https://github.com/coreos/coreos-overlay/commit/ |
| 20 |
048faeb3b1b1a693dec3bdb47b127b8d71c48c13 |
| 21 |
|
| 22 |
I (previously) had high regards for CoreOS, but not keeping things current |
| 23 |
is usually the largest source of problems and sploits, imho. |
| 24 |
|
| 25 |
|
| 26 |
thx, |
| 27 |
James |
Archives