diff options
Diffstat (limited to 'modules')
-rw-r--r-- | modules/pam_env/pam_env.8.xml | 5 | ||||
-rw-r--r-- | modules/pam_env/pam_env.c | 2 |
2 files changed, 5 insertions, 2 deletions
diff --git a/modules/pam_env/pam_env.8.xml b/modules/pam_env/pam_env.8.xml index 536cb132..b85fbaae 100644 --- a/modules/pam_env/pam_env.8.xml +++ b/modules/pam_env/pam_env.8.xml @@ -143,7 +143,10 @@ <listitem> <para> Turns on or off the reading of the user specific environment - file. 0 is off, 1 is on. By default this option is on. + file. 0 is off, 1 is on. By default this option is off as user + supplied environment variables in the PAM environment could affect + behavior of subsequent modules in the stack without the consent + of the system administrator. </para> </listitem> </varlistentry> diff --git a/modules/pam_env/pam_env.c b/modules/pam_env/pam_env.c index 8ac8ed33..6be39ba3 100644 --- a/modules/pam_env/pam_env.c +++ b/modules/pam_env/pam_env.c @@ -10,7 +10,7 @@ #define DEFAULT_READ_ENVFILE 1 #define DEFAULT_USER_ENVFILE ".pam_environment" -#define DEFAULT_USER_READ_ENVFILE 1 +#define DEFAULT_USER_READ_ENVFILE 0 #include "config.h" |