© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
72d0f49
demo site
(Get the code!)
Update:
This bug is more like "PolicyKit accepts passwords of other accounts". I just discovered it's also possible to log on as the primary user, start Synaptic and then enter the password of the secundary account. After entering the password of another account nothing happens. Synaptic isn't started, but PolicyKit also doesn't give an error. It looks like PolicyKit found the password you entered (although it doesn't belong to the currently logged on user) and thus doesn't give an error stating an incorrect password has been entered.
Looks like a major bug to me, because when somebody enters a wrong and nothing happens, he knows he entered a valid password of another user. Then he can just log out and try out this password for every account, untill he finds out to which user the password belongs.