diff -up Linux-PAM-1.0.4/modules/pam_unix/unix_update.c.root-update Linux-PAM-1.0.4/modules/pam_unix/unix_update.c
--- Linux-PAM-1.0.4/modules/pam_unix/unix_update.c.root-update	2008-02-21 22:12:30.000000000 +0100
+++ Linux-PAM-1.0.4/modules/pam_unix/unix_update.c	2009-03-17 11:20:22.000000000 +0100
@@ -71,11 +71,14 @@ set_password(const char *forwho, const c
         goto done;
     }
 
-    /* does pass agree with the official one?
-       we always allow change from null pass */
-    retval = helper_verify_password(forwho, pass, 1);
-    if (retval != PAM_SUCCESS) {
-	goto done;
+    /* If real caller uid is not root we must verify that
+       received old pass agrees with the current one.
+       We always allow change from null pass. */
+    if (getuid()) {
+	retval = helper_verify_password(forwho, pass, 1);
+	if (retval != PAM_SUCCESS) {
+	    goto done;
+	}
     }
 
     /* first, save old password */
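Review bot: The new `if (getuid())` guard makes real uid 0 the only condition for skipping helper_verify_password(), so any root-owned process that runs this helper on a user's behalf changes the password without the old one being checked; whether such callers exist (for example a login service handling an expired password, or a caller that sets its real uid to 0 before exec) is not visible in this hunk. If the bypass is intended, the comment should state the resulting contract, e.g. `/* Real uid 0: old password is NOT checked here; root-run callers acting for a user must verify it before invoking the helper. */`, and the test reads more clearly as `if (getuid() != 0) {`. A syslog entry on the skipped path would leave an audit trail for password changes made without verification. set_password() starts and ends outside this hunk, so how `pass` is used after this point cannot be confirmed from here.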