PAM modules can change the user during their execution, in such case, sudo would still use the user that has been provided giving potentially access to another user with the credentials of another one.
So prevent this to happen, by ensuring that the final PAM user is matching the one which started the transaction.
PAM modules can change the user during their execution, in such case, sudo would still use the user that has been provided giving potentially access to another user with the credentials of another one.
So prevent this to happen, by ensuring that the final PAM user is matching the one which started the transaction.
Similar to https://github.com/util-linux/util-linux/pull/3206