Re: Bug#269457: pam_krb5 should read PAM_OLDAUTHTOK instead of PAM_AUTHTOK when changing a password

To: Andreas Vögele <voegele@trustsec.de>
Cc: 269457@bugs.debian.org, debian-devel@lists.debian.org
Subject: Re: Bug#269457: pam_krb5 should read PAM_OLDAUTHTOK instead of PAM_AUTHTOK when changing a password
From: Brian May <bam@debian.org>
Date: Sat, 25 Sep 2004 14:59:16 +1000
Message-id: <[🔎] sa4k6ujyme3.fsf@snoopy.apana.org.au>
Mail-followup-to: Andreas Vögele <voegele@trustsec.de>, 269457@bugs.debian.org, debian-devel@lists.debian.org
In-reply-to: <9A241CE0-FC30-11D8-97ED-000D93673682@trustsec.de> (Andreas Vögele's message of "Wed, 1 Sep 2004 18:04:28 +0200")
References: <9A241CE0-FC30-11D8-97ED-000D93673682@trustsec.de>

>>>>> "Andreas" == Andreas Vögele <voegele@trustsec.de> writes:

    Andreas> I think that there's a bug in pam_krb5_pass.c. When
    Andreas> use_first_pass or try_first_pass is used the function
    Andreas> pam_sm_chauthtok() tries to get the old password from the
    Andreas> preceding module with PAM_AUTHTOK. The problem is that
    Andreas> pam_unix_passwd doesn't store the old password in
    Andreas> PAM_AUTHTOK but in PAM_OLDAUTHTOK. See
    Andreas> pam-0.76/Linux-PAM/modules/pam_unix/pam_unix_passwd.c:

Hello All,

I am not familiar with the specifications of PAM. Can I please get a
2nd opinion to ensure the patch given at
<URL:http://bugs.debian.org/269457>, based on the above description,
is correct?

It looks OK to me.

Thanks.
-- 
Brian May <bam@debian.org>

Reply to:

Prev by Date: CCE new upstream release
Next by Date: Bug#273311: ITP: vdr-plugin-prefermenu -- Plugin that implements a preferred channels menu
Previous by thread: CCE new upstream release
Next by thread: Bug#273311: ITP: vdr-plugin-prefermenu -- Plugin that implements a preferred channels menu
Index(es):
- Date
- Thread