[fprint] 5 enrolls --> does 6 and breaks with error -22
Jonas Jelten
jelten at in.tum.de
Mon Jun 18 08:07:33 PDT 2012
> Hey, root can do everything and with sudo you're providing root
> privileges to the process
> you're invoking.
I can enroll my fingerprint and update the database _without_ sudo
or under root. So any user not knowing my pam password can update
my fingerprint.
When he then invokes a pam-program which uses pam-fprintd.so
(e.g. sudo, su) he can enroll _his_ fingerprint and pass authentication.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 900 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freedesktop.org/archives/fprint/attachments/20120618/9cf586aa/attachment.pgp>
More information about the fprint
mailing list