diff options
| author | Steve Langasek <steve.langasek@ubuntu.com> | 2019-01-03 17:53:41 -0800 |
|---|---|---|
| committer | Steve Langasek <steve.langasek@ubuntu.com> | 2019-01-03 18:17:08 -0800 |
| commit | 212b52cf29c06cc209bc8ac0540dbab1acdf1464 (patch) | |
| tree | 58da0bf39f5c4122e4a1b4da20fdeea52b97a671 /modules/pam_unix/unix_update.c | |
| parent | 9c52e721044e7501c3d4567b36d222dc7326224a (diff) | |
| parent | 56c8282d128fb484ffc77dff73abf42229b291d3 (diff) | |
| download | pam-212b52cf29c06cc209bc8ac0540dbab1acdf1464.tar.gz pam-212b52cf29c06cc209bc8ac0540dbab1acdf1464.tar.bz2 pam-212b52cf29c06cc209bc8ac0540dbab1acdf1464.zip | |
New upstream version 1.1.0
Diffstat (limited to 'modules/pam_unix/unix_update.c')
| -rw-r--r-- | modules/pam_unix/unix_update.c | 13 |
1 files changed, 8 insertions, 5 deletions
diff --git a/modules/pam_unix/unix_update.c b/modules/pam_unix/unix_update.c index f54a59ce..702912d0 100644 --- a/modules/pam_unix/unix_update.c +++ b/modules/pam_unix/unix_update.c @@ -71,11 +71,14 @@ set_password(const char *forwho, const char *shadow, const char *remember) goto done; } - /* does pass agree with the official one? - we always allow change from null pass */ - retval = helper_verify_password(forwho, pass, 1); - if (retval != PAM_SUCCESS) { - goto done; + /* If real caller uid is not root we must verify that + received old pass agrees with the current one. + We always allow change from null pass. */ + if (getuid()) { + retval = helper_verify_password(forwho, pass, 1); + if (retval != PAM_SUCCESS) { + goto done; + } } /* first, save old password */ |