Bug ID | 900836 |
---|---|
Summary | GNOME lock screen unlocks without password if fprintd is installed |
Classification | openSUSE |
Product | openSUSE Factory |
Version | 201410* |
Hardware | Other |
OS | Other |
Status | NEW |
Severity | Major |
Priority | P5 - None |
Component | Security |
Assignee | security-team@suse.de |
Reporter | rbrown@suse.com |
QA Contact | qa-bugs@suse.de |
Found By | --- |
Blocker | --- |
Using the latest openSUSE Factory snapshot (also present in openSUSE 13.2 RC1) GNOME automatically unlocks if fprintd is present The user never gets asked for a password The user never has an opportunity to enter their fingerprint journal shows fprintd starting each time the lock screen is activated, but no errors or warnings to imply it's misbehaving Removing fprintd 'resolves' the issue but disables fingerprint authentication Current theories to resolve this include - Using the same gdm-fingerprint pam configuration as Fedora https://git.gnome.org/browse/gdm/tree/data/pam-redhat/gdm-fingerprint.pam Enabling split-authentication in the gdm package (currently being built in my OBS home)