Re: Automatic password changing
On Thu, Mar 23, 2000 at 11:04:17AM +0000, Tim Haynes wrote:
> OTOH it's only going to take a wee fraction of a second to happen and it's not
> as though everyone logs every process that happens...
They might well do so if they knew the root password was getting changed by
a cron job! They would be looking for the path of the script/program that
was doing it, and would probably fall out of their chair when they saw the
encrypted root password right there. OTOH, if you've got MD5 passwords,
it won't help them unless you've got a dictionary-attack succeptible
password. Still, it's a bad thing.
I'd make a script in /usr/local/sbin
#!/usr/bin/perl -npi.bak /etc/shadow
s/^root:[^:]*:/root:pants/o
(I think that works, I'm a perl beginner... I don't know though, complex
command lines in #! lines usually don't work with other things :( )
--
#define X(x,y) x##y
DUPS Secretary ; http://is2.dal.ca/~dups/
Peter Cordes ; e-mail: X(peter@cordes.phys. , dal.ca)
"The gods confound the man who first found out how to distinguish the hours!
Confound him, too, who in this place set up a sundial, to cut and hack
my day so wretchedly into small pieces!" -- Plautus, 200 BCE
Reply to: