Re: extrange passwd behaviour
El jue, 04-12-2003 a las 22:08, Greg Folkert escribió:
> On Thu, 2003-12-04 at 15:12, Ruben Porras wrote:
> > I've discovered that login, sudo, gdm only take care of the first 8
> > characters of the passwd. The following characters don't count. See the
> > following example (I've created a new user just to make the test)
> >
> > $$ adduser test
> > Adding user test...
> > Adding new group test (1006).
> > Adding new user test (1006) with group test.
> > Enter new UNIX password: qwertyuiop <-- this, for example 10 letters
> > Retype new UNIX password: qwertyuiop
> > passwd: password updated successfully
> > Changing the user information for test
> > Enter the new value, or press ENTER for the default
> > Full Name []:
> > Room Number []:
> > Work Phone []:
> > Home Phone []:
> > Other []:
> > Is the information correct? [y/n] y
> >
> > $$ su test
> > Password: qwertyui <--- only 8 letters (qwertyuivnksshfdd, for example
> > would be also ok)
> > $$ whoami
> > test
> >
> >
> > I don't see nothing about this in BTS, I'm puzzled.
> Why would it be ib BTS?
>
> That is standard SOP. If you are root... no password needed on that
> unless you have more than traditional *NIX security.
>
> Remember root OWNS the system. root RULES the roost.
Sorry, I forgot to mention that the su command was not executed as root.
As other people say it's a problem related with md5 passwd.
Thantks.
Reply to: