On Mon, Jun 18, 2012 at 6:07 PM, Jonas Jelten <jel...@in.tum.de> wrote: > > I can enroll my fingerprint and update the database _without_ sudo > or under root. So any user not knowing my pam password can update > my fingerprint. > When he then invokes a pam-program which uses pam-fprintd.so > (e.g. sudo, su) he can enroll _his_ fingerprint and pass authentication.
Oh, ok. Than it's a serious issue. _______________________________________________ fprint mailing list fprint@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/fprint
