Anyone can give your finger by spoofing DBUS signals
to pam_fprintd, effectively bypassing fprintd authentication.
Tested with fprintd 0.41.
darklena is the PoC and the authors have been informed.
Its probably about time to check dbus-glib usage or usage
of DBUS signals in privileged code in general.
[Update:] successfully tested on a vanilla FC16 setup with
fprintd installed from repository and SELinux target config