debian/patches-applied/cve-2011-4708.patch


1
2
3
4
5
6
7
8
9
10
11
12

Description: fix cve-2011-4708: .pam_environment privilege issue
--- pam-1.1.3.orig/modules/pam_env/pam_env.c
+++ pam-1.1.3/modules/pam_env/pam_env.c
@@ -10,7 +10,7 @@
 #define DEFAULT_READ_ENVFILE    1
 
 #define DEFAULT_USER_ENVFILE    ".pam_environment"
-#define DEFAULT_USER_READ_ENVFILE 1
+#define DEFAULT_USER_READ_ENVFILE 0
 
 #include "config.h"