diff options
author | Ray Strode <rstrode@redhat.com> | 2017-08-18 12:41:59 -0400 |
---|---|---|
committer | Ray Strode <rstrode@redhat.com> | 2017-08-18 12:43:43 -0400 |
commit | ccd8388dd026c390667d7bfc6744a730d951166d (patch) | |
tree | e6fe669460e422595bf4877d1b77f5f6b54073e8 /data | |
parent | 1b91ffcd24e8df58effbdaad0a987e613af34eed (diff) |
data: require an adminstrator password to change own password
We need to enforce this, because otherwise we're allowing the
user to bypass password sanity enforcement rules.
This commit changes the newly added change-own-password action to
be auth_admin.
https://bugzilla.gnome.org/show_bug.cgi?id=97518
Notes
Should be https://bugs.freedesktop.org/show_bug.cgi?id=97518
Diffstat (limited to 'data')
-rw-r--r-- | data/org.freedesktop.accounts.policy.in | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/data/org.freedesktop.accounts.policy.in b/data/org.freedesktop.accounts.policy.in index b7c2d65..d149399 100644 --- a/data/org.freedesktop.accounts.policy.in +++ b/data/org.freedesktop.accounts.policy.in @@ -21,9 +21,9 @@ <_description>Change your own user password</_description> <_message>Authentication is required to change your own user password</_message> <defaults> - <allow_any>auth_self</allow_any> - <allow_inactive>auth_self</allow_inactive> - <allow_active>auth_self</allow_active> + <allow_any>auth_admin</allow_any> + <allow_inactive>auth_admin</allow_inactive> + <allow_active>auth_admin</allow_active> </defaults> </action> |