[Fingerforce-devel] Bug#606381: libpam-fprint: creates empty ~/.fprint as root:$USER/700

Luca Capello luca at pca.it
Wed Dec 8 19:56:01 UTC 2010 

Package: libpam-fprint
Version: 20080330+git-5
Severity: important

Hi there!

I guess the output below speaks for itself:
=====
[20:48:09] luca at gismo:~$ ls -la | grep fprint
drwx------   3 luca luca      4096 Sep 16 12:37 .fprint.BCK

[20:48:17] luca at gismo:~$ sudo mount
Could not locate any suitable fingerprints matched with available hardware.
[sudo] password for luca:
/dev/mapper/vggismo-lvroot on / type ext3 (rw,relatime,errors=remount-ro)
tmpfs on /lib/init/rw type tmpfs (rw,nosuid,mode=0755)
proc on /proc type proc (rw,noexec,nosuid,nodev)
sysfs on /sys type sysfs (rw,noexec,nosuid,nodev)
varrun on /var/run type tmpfs (rw,nosuid,mode=0755)
varlock on /var/lock type tmpfs (rw,noexec,nosuid,nodev,mode=1777)
udev on /dev type tmpfs (rw,mode=0755)
tmpfs on /dev/shm type tmpfs (rw,nosuid,nodev)
devpts on /dev/pts type devpts (rw,noexec,nosuid,gid=5,mode=620)
/dev/sda1 on /boot type ext2 (rw,relatime)
/dev/mapper/vggismo-lvhome on /home type ext3 (rw,relatime)
tmpfs on /tmp type tmpfs (rw)
fusectl on /sys/fs/fuse/connections type fusectl (rw)

[20:48:27] luca at gismo:~$ ls -la | grep fprint
drwx------   3 root luca      4096 Dec  8 20:48 .fprint
drwx------   3 luca luca      4096 Sep 16 12:37 .fprint.BCK

[20:48:29] luca at gismo:~$ find .fprint
.fprint
find: `.fprint': Permission denied

[20:52:46] luca at gismo:~$ su
Could not locate any suitable fingerprints matched with available hardware.
Password:

gismo:/home/luca# find .fprint
.fprint
.fprint/prints

gismo:/home/luca#

[20:53:30] luca at gismo:~$ 
=====

This is not acceptable, because ~/.fprint is not anymore accessible by
the normal user, thus breaking every program who tries that without
being root (just imagine a backup script...).

Moreover, I do not see the point in creating an empty folder just for
the sake of it: libpam-fprint should cope with the folder not being
present.

Thx, bye,
Gismo / Luca

-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (990, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.36-rc6-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages libpam-fprint depends on:
ii  libc6                      2.11.2-7      Embedded GNU C Library: Shared lib
ii  libfprint0                 20100820git-1 async fingerprint library of fprin
ii  libpam-runtime             1.1.1-6.1     Runtime support for the PAM librar
ii  libpam0g                   1.1.1-6.1     Pluggable Authentication Modules l

libpam-fprint recommends no packages.

libpam-fprint suggests no packages.

-- no debconf information
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 835 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/fingerforce-devel/attachments/20101208/0c68041a/attachment.pgp>

More information about the Fingerforce-devel mailing list