Bug 6735 - pam_sm_chauthtok must not overwrite old password and new password as it might be used by following pam modules
pam_sm_chauthtok must not overwrite old password and new password as it might...
Status: RESOLVED FIXED
Product: Samba 3.3
Classification: Unclassified
Component: Winbind
unspecified
All Linux
: P3 normal
: ---
Assigned To: Karolin Seeger
Samba QA Contact
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2009-09-16 09:58 UTC by Bo Yang
Modified: 2009-09-19 11:57 UTC (History)
1 user (show)

See Also:


Attachments
patch for v3-3-test (1.17 KB, patch)
2009-09-16 09:59 UTC, Bo Yang
no flags Details
patch for v3-4-test (1.13 KB, patch)
2009-09-16 10:00 UTC, Bo Yang
no flags Details
patch for v3-5-test (1.13 KB, patch)
2009-09-16 10:00 UTC, Bo Yang
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description Bo Yang 2009-09-16 09:58:07 UTC
pam_sm_chauthtok in pam_winbind must not overwrite old password and new password, Since the following pam modules might use them. For example, when user change password on AD, he also wants to change password in gnome keyring, gnome keyring will use the old password and the new password.
Comment 1 Bo Yang 2009-09-16 09:59:33 UTC
Created attachment 4705 [details]
patch for v3-3-test
Comment 2 Bo Yang 2009-09-16 10:00:08 UTC
Created attachment 4706 [details]
patch for v3-4-test
Comment 3 Bo Yang 2009-09-16 10:00:44 UTC
Created attachment 4707 [details]
patch for v3-5-test
Comment 4 Bo Yang 2009-09-16 10:02:09 UTC
v3-2-test is also affected by this. But there is no release of 3.2.x any more. So I didn't create a patch for it.
Comment 5 Jeremy Allison 2009-09-16 11:58:08 UTC
+ from me. Makes perfect sense. Re-assigning to Karolin for inclusion.
Jeremy.
Comment 6 Bo Yang 2009-09-17 02:47:33 UTC
Sorry, pushed to v3-5-test. :-)
Comment 7 Karolin Seeger 2009-09-19 11:57:56 UTC
Pushed to v3-4-test and v3-3-test.
Closing out bug report.

Thanks!