Interesting, the pam/pam_fprintd.c file has the following function that would be used for the pam_chauthtok(3) function:
PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *pamh, int flags, int argc, const char **argv)
{
return PAM_SUCCESS;
}
If I've read this correctly, this is more than a misconfiguration of a PAM configuration file -- the module was apparently never intended to enforce authentication before updating authentication tokens.
Interesting, the pam/pam_fprintd.c file has the following function that would be used for the pam_chauthtok(3) function:
PAM_EXTERN int pam_sm_ chauthtok( pam_handle_ t *pamh, int flags, int argc,
const char **argv)
{
return PAM_SUCCESS;
}
If I've read this correctly, this is more than a misconfiguration of a PAM configuration file -- the module was apparently never intended to enforce authentication before updating authentication tokens.
I filed a bug report upstream: https:/ /github. com/dsd/ pam_fprint/ issues/ 2
Thanks