problems with libpam-unix2 and gnome-screensaver
Bug #82518 reported by
PatRiehecky
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
libpam-unix2 (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Bug Description
Binary package hint: libpam-unix2
Followed guide in http://
See debian bug http://
Changed in libpam-unix2: | |
status: | New → Confirmed |
To post a comment you must log in.
I have the same problem with libpam-unix2 1.25-1.1 and gnome-screensaver 2.17.7-0ubuntu2.
The problem is exactly as described in Debian #295526 above: gnome-screensaver drops any privileges it has by the time it calls into PAM, but pam_unix2 needs to read the hash from the shadow file.
The regular pam_unix module calls unix_chkpwd when it discovers this situation. The same solution should work with pam_unix2. If the security implications of this approach are acceptable in pam_unix, they should be here as well.