Description: fix cve-2010-4708: .pam_environment privilege issue
Index: pam/modules/pam_env/pam_env.c
===================================================================
--- pam.orig/modules/pam_env/pam_env.c
+++ pam/modules/pam_env/pam_env.c
@@ -10,7 +10,7 @@
#define DEFAULT_READ_ENVFILE 1
#define DEFAULT_USER_ENVFILE ".pam_environment"
-#define DEFAULT_USER_READ_ENVFILE 1
+#define DEFAULT_USER_READ_ENVFILE 0
#include "config.h"
Index: pam/modules/pam_env/pam_env.8.xml
===================================================================
--- pam.orig/modules/pam_env/pam_env.8.xml
+++ pam/modules/pam_env/pam_env.8.xml
@@ -147,7 +147,7 @@
Turns on or off the reading of the user specific environment
- file. 0 is off, 1 is on. By default this option is on.
+ file. 0 is off, 1 is on. By default this option is off.
Index: pam/modules/pam_env/pam_env.8
===================================================================
--- pam.orig/modules/pam_env/pam_env.8
+++ pam/modules/pam_env/pam_env.8
@@ -2,12 +2,12 @@
.\" Title: pam_env
.\" Author: [see the "AUTHOR" section]
.\" Generator: DocBook XSL Stylesheets v1.78.1
-.\" Date: 09/19/2013
+.\" Date: 01/15/2014
.\" Manual: Linux-PAM Manual
.\" Source: Linux-PAM Manual
.\" Language: English
.\"
-.TH "PAM_ENV" "8" "09/19/2013" "Linux-PAM Manual" "Linux-PAM Manual"
+.TH "PAM_ENV" "8" "01/15/2014" "Linux-PAM Manual" "Linux-PAM Manual"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
@@ -88,7 +88,7 @@
.PP
\fBuser_readenv=\fR\fB\fI0|1\fR\fR
.RS 4
-Turns on or off the reading of the user specific environment file\&. 0 is off, 1 is on\&. By default this option is on\&.
+Turns on or off the reading of the user specific environment file\&. 0 is off, 1 is on\&. By default this option is off\&.
.RE
.SH "MODULE TYPES PROVIDED"
.PP
@@ -138,7 +138,7 @@
.PP
\fBpam_env.conf\fR(5),
\fBpam.d\fR(5),
-\fBpam\fR(8)\&.
+\fBpam\fR(7)\&.
.SH "AUTHOR"
.PP
pam_env was written by Dave Kinchlea \&.
Index: pam/modules/pam_env/README
===================================================================
--- pam.orig/modules/pam_env/README
+++ pam/modules/pam_env/README
@@ -5,7 +5,7 @@
DESCRIPTION
The pam_env PAM module allows the (un)setting of environment variables.
-Supported is the use of previously set environment variables as well as
+Supported is the use of previously set environment variables as well as
PAM_ITEMs such as PAM_RHOST.
By default rules for (un)setting of variables is taken from the config file /
@@ -50,7 +50,7 @@
user_readenv=0|1
Turns on or off the reading of the user specific environment file. 0 is
- off, 1 is on. By default this option is on.
+ off, 1 is on. By default this option is off.
EXAMPLES