diff --git a/SOURCES/0001-Added-GOST-policy-also-added-experimental-PAM-genera.patch b/SOURCES/0001-Added-GOST-policy-also-added-experimental-PAM-genera.patch
index edadc7e..4bae6dc 100644
--- a/SOURCES/0001-Added-GOST-policy-also-added-experimental-PAM-genera.patch
+++ b/SOURCES/0001-Added-GOST-policy-also-added-experimental-PAM-genera.patch
@@ -1,4 +1,4 @@
-From e5a68f54ac324d218e3b9575eb0a096c8905aaf9 Mon Sep 17 00:00:00 2001
+From 951bd751a2b30d2ada58468fd18f5f550d38e51b Mon Sep 17 00:00:00 2001
 From: Alexey Berezhok <aberezhok@msvsphere-os.ru>
 Date: Tue, 23 Jan 2024 23:01:57 +0300
 Subject: [PATCH] Added GOST policy also added experimental PAM generator
@@ -26,7 +26,7 @@ Subject: [PATCH] Added GOST policy also added experimental PAM generator
  python/policygenerators/auth.py               |  36 +++++
  .../fedora-crypto-policies.code-workspace     |   0
  python/policygenerators/openssl.py            |  23 +++
- scripts/auth_apply.sh                         | 110 +++++++++++++
+ scripts/auth_apply.sh                         | 115 ++++++++++++++
  tests/alternative-policies/GOST-ONLY.pol      |  30 ++++
  tests/alternative-policies/modules/GOST.pmod  |  18 +++
  tests/gnutls.pl                               |   2 +-
@@ -104,7 +104,7 @@ Subject: [PATCH] Added GOST policy also added experimental PAM generator
  tests/outputs/GOST-ONLY-sequoia.txt           |  51 ++++++
  tests/outputs/LEGACY-auth.txt                 |   0
  .../outputs/LEGACY:AD-SUPPORT-LEGACY-auth.txt |   0
- 100 files changed, 1397 insertions(+), 10 deletions(-)
+ 100 files changed, 1402 insertions(+), 10 deletions(-)
  create mode 100644 authselect_policies/sssd_gost/README
  create mode 100644 authselect_policies/sssd_gost/REQUIREMENTS
  create mode 100644 authselect_policies/sssd_gost/dconf-db
@@ -982,10 +982,10 @@ index 165a26b..75940d8 100644
              s += 'Options = RHNoEnforceEMSinFIPS\n'
 diff --git a/scripts/auth_apply.sh b/scripts/auth_apply.sh
 new file mode 100755
-index 0000000..ca5c3dc
+index 0000000..0fa7192
 --- /dev/null
 +++ b/scripts/auth_apply.sh
-@@ -0,0 +1,110 @@
+@@ -0,0 +1,115 @@
 +#!/usr/bin/bash
 +# Скрипт настройки профиля authselect для crypto-policy
 +# Примеры запуска:
@@ -1062,7 +1062,12 @@ index 0000000..ca5c3dc
 +# данный снимок создается при профиля через crypto-policy
 +if [ "$EMPTY" = "1" ];then
 +    if [ -e "$PATH_TO_AUTH_SEL_BAK" ];then
-+        /usr/bin/mv -f "$PATH_TO_AUTH_SEL_BAK" "$PATH_TO_AUTH_CONFIG"
++# Только root может восстанавливать конфигурацию из резервной копии
++# дабыизбежать подлога и восстановления файла, созданного пользователем
++        OWNER_UID=$(/usr/bin/stat -c "%u" "$PATH_TO_AUTH_SEL_BAK")
++        if [ "$OWNER_UID" = "0" ];then
++            /usr/bin/mv -f "$PATH_TO_AUTH_SEL_BAK" "$PATH_TO_AUTH_CONFIG"
++        fi
 +    fi
 +    if [ -z "$TEST" ];then
 +        $AUTH_SELECT_APPLY