Debian Developers - Bug#269457: pam_krb5 should read PAM_OLDAUTHTOK instead of PAM_AUTHTOK when changing a

This is Interesting: Free IT Magazines  
Home > Archive > Debian Developers > September 2004 > Bug#269457: pam_krb5 should read PAM_OLDAUTHTOK instead of PAM_AUTHTOK when changing a





You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

Author Bug#269457: pam_krb5 should read PAM_OLDAUTHTOK instead of PAM_AUTHTOK when changing a
Brian May

2004-09-25, 2:50 am

>>>>> "Andreas" =3D=3D Andreas V=F6gele <voegele@trustsec.de> writes:

Andreas> I think that there's a bug in pam_krb5_pass.c. When
Andreas> use_first_pass or try_first_pass is used the function
Andreas> pam_sm_chauthtok() tries to get the old password from the
Andreas> preceding module with PAM_AUTHTOK. The problem is that
Andreas> pam_unix_passwd doesn't store the old password in
Andreas> PAM_AUTHTOK but in PAM_OLDAUTHTOK. See
Andreas> pam-0.76/Linux-PAM/modules/pam_unix/pam_unix_passwd.c:

Hello All,

I am not familiar with the specifications of PAM. Can I please get a
2nd opinion to ensure the patch given at
<URL:http://bugs.debian.org/269457>, based on the above description,
is correct?

It looks OK to me.

Thanks.
--=20
Brian May <bam@debian.org>
Sponsored Links






Free braindumps | Software forum | Database administration forum

Copyright 2003 - 2008 webservertalk.com