1 |
On Tuesday 31 May 2016 16:30:27 James wrote: |
2 |
> Here is an interesting read:: |
3 |
> |
4 |
> Security brief: CoreOS Linux Alpha remote SSH issue |
5 |
> May 19, 2016 · By Matthew Garrett |
6 |
> |
7 |
> <snippets> |
8 |
> |
9 |
> Gentoo defaults to ending the PAM configuration with an optional pam_permit. |
10 |
> |
11 |
> This meant that failing both pam_unix and pam_sss on CoreOS systems would |
12 |
> surprisingly result in authentication succeeding, and access being granted. |
13 |
> |
14 |
> The operator user was not used by CoreOS, but existed because it exists in |
15 |
> the Gentoo Portage system from which CoreOS is derived. |
16 |
> <end/snippets> |
17 |
> |
18 |
> Full read [1]. It kinda shows that CoreOS is derived from Gentoo |
19 |
> and not ChromeOS; at least when time to blame a security lapse elsewhere.... |
20 |
> |
21 |
> |
22 |
> enjoy, |
23 |
> James |
24 |
> |
25 |
> [1] https://coreos.com/blog/ |
26 |
|
27 |
Does this mean we need to do anything to improve the security of our systems? |
28 |
-- |
29 |
Regards, |
30 |
Mick |