1 |
Max R.D. Parmer <maxp <at> trystero.is> writes: |
2 |
|
3 |
|
4 |
> > Which file contains the purported malaised default configration? |
5 |
> > I just want to manually inspect it and verify for myself. |
6 |
|
7 |
> /etc/pam.d/system-auth which is provided by pambase: |
8 |
> https://gitweb.gentoo.org/proj/pambase.git/ |
9 |
|
10 |
|
11 |
Huh. I looked at that and concluded it could not possibly be the problem. |
12 |
|
13 |
I went a bit deeper at coreOS and found that they are using |
14 |
|
15 |
pambase-20101024 from 2010. Double_huh. I had heard they were behind |
16 |
on updating may ebuilds, but that is ridiculous. Here are the details |
17 |
should anyone be interested:: |
18 |
|
19 |
https://github.com/coreos/coreos-overlay/commit/ |
20 |
048faeb3b1b1a693dec3bdb47b127b8d71c48c13 |
21 |
|
22 |
I (previously) had high regards for CoreOS, but not keeping things current |
23 |
is usually the largest source of problems and sploits, imho. |
24 |
|
25 |
|
26 |
thx, |
27 |
James |