** Changed in: unity-control-center (Ubuntu)
Importance: Undecided => High
** Changed in: unity-control-center (Ubuntu)
Status: New => Triaged
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to unity-control-center in Ubuntu.
https://bugs.launchpad.net/bugs/1314886
Title:
Changing user from no password login to disabled leaves user in no
password login group
Status in “unity-control-center” package in Ubuntu:
Triaged
Bug description:
If a user is set to login without a password and subsequently the
account is disabled, the user is not removed from the nopassword login
group. The result is that the user can still login even though the
admin has disabled to account.
This is a security issue and is present in 12.04, 13.10, and 14.04.
This stems from the failure to reset to the password mode away from
password_mode_none to password_mode_regular.
I have submitted a merge proposal to fix this at
https://code.launchpad.net/~echaskes/unity-control-center/fix-user-
password-dialog
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/unity-control-center/+bug/1314886/+subscriptions
--
Mailing list: https://launchpad.net/~desktop-packages
Post to : [email protected]
Unsubscribe : https://launchpad.net/~desktop-packages
More help : https://help.launchpad.net/ListHelp
