On Thu, Jun 2, 2016, at 06:44, James wrote: > Neil Bothwick <neil <at> digimed.co.uk> writes: > > > > > Does this mean we need to do anything to improve the security of our > > > systems? > > > The report seems to be saying that the problem is caused by using the > > Gentoo default config, which assumes a Gentoo environment. So it's fine > > on Gentoo. But it won't hurt to run glsa-check from time to time (my sync > > script does it every time and mails me if there's a problem). > > Which file contains the purported malaised default configration? > I just want to manually inspect it and verify for myself.
/etc/pam.d/system-auth which is provided by pambase: https://gitweb.gentoo.org/proj/pambase.git/
