login in util-linux-2.12a skips pam_acct_mgmt and chauth_tok when authentication is skipped, such as when a Kerberos krlogin session has been established, which might allow users to bypass intended access policies that would be enforced by pam_acct_mgmt and chauth_tok.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Util-linux | Andries_brouwer | 2.12a | 2.12a |