Python: Adjust name/description/select of PamAuthorization.ql

Thought that calling out the actual vulnerability would make things
easier for our end users :)

Author: RasmusWL

python/ql/src/experimental/Security/CWE-285/PamAuthorization.ql

@@ -1,6 +1,6 @@
 /**
- * @name Authorization bypass due to incorrect usage of PAM
- * @description Using only the `pam_authenticate` call to check the validity of a login can lead to a authorization bypass.
+ * @name PAM authorization bypass due to incorrect usage
+ * @description Not using `pam_acct_mgmt` after `pam_authenticate` to check the validity of a login can lead to authorization bypass.
  * @kind problem
  * @problem.severity warning
  * @precision high
@@ -33,4 +33,5 @@ where
     acctMgmtCall = libPam().getMember("pam_acct_mgmt").getACall() and
     DataFlow::localFlow(handle, acctMgmtCall.getArg(0))
   )
-select authenticateCall, "This PAM authentication call may be lead to an authorization bypass."
+select authenticateCall,
+  "This PAM authentication call may be lead to an authorization bypass, since 'pam_acct_mgmt' is not called afterwards."

python/ql/test/experimental/query-tests/Security/CWE-285/PamAuthorization.expected

@@ -1 +1 @@
-| pam_test.py:48:18:48:44 | ControlFlowNode for pam_authenticate() | This PAM authentication call may be lead to an authorization bypass. |
+| pam_test.py:48:18:48:44 | ControlFlowNode for pam_authenticate() | This PAM authentication call may be lead to an authorization bypass, since 'pam_acct_mgmt' is not called afterwards. |