Fingerprint login can be changed without authentication
Bug #1797012 reported by
Alex Jones
This bug report is a duplicate of:
Bug #1532264: fprintd allows unauthorized root access.
Edit
Remove
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
fprintd (Ubuntu) |
New
|
Undecided
|
Unassigned | ||
libfprint (Ubuntu) |
New
|
Undecided
|
Unassigned | ||
pam-fprint (Ubuntu) |
New
|
Undecided
|
Unassigned | ||
sudo (Ubuntu) |
New
|
Undecided
|
Unassigned |
Bug Description
In Ubuntu 18.04, a new fingerprint can be registered without authentication, allowing the bypass of any authentication mechanism that is configured to use the fingerprint reader, for example, sudo. The version number of libfprint on my system is 1:0.7.0-1
no longer affects: | ubuntu-docs (Ubuntu) |
To post a comment you must log in.
Hello Alex, could you please describe the steps necessary to recreate this issue?
Is there any chance you're in a position to test the forthcoming cosmic release?
Thanks