GNOME Bugzilla – Bug 745348
fingerprint reader doesn't need password
Last modified: 2015-03-03 11:48:56 UTC
No password is necassary to config the fingerprint reader. I think this is a security issue: 1. Persons with physical access can scan their own fingerprint. So they can do everything that is allowed for this specific user. 2. If the user owns system privileges (sudo) the person has access to the hole system.
Created attachment 298372 [details] [review] allow changing fingerprints only when authorized Thanks for your bug report. You are right, that it could be security issue. Attaching patch to fix it...
Review of attachment 298372 [details] [review]: That doesn't work. If I'm not an admin, how do I change my fingerprint? The panel gets unlocked with the admin password, and this only papers over the issue, as you can still run fprintd-enroll to enroll a new one.
Thanks for review, you are right, I didn't realize that, so this is fprintd bug, not gnome. So we will require password once it will be required by fprintd... I've filed it to fprintd... https://bugs.freedesktop.org/show_bug.cgi?id=89407