Bugtraq mailing list archives
Re: Oddities in RH 5.0
From: jaras () GROMIT ML ORG (King O' Fun)
Date: Sun, 28 Dec 1997 14:34:45 -0500
If anything here is already know, sorry. Redhat 4.2 also exibits some Password oditys, I thought nothing of it and learned to deal with it. --SNIP-- # adduser test Looking for first available UID... 509 Looking for first available GID... 509 Adding login: test...done. Creating home directory: /home/test...done. Creating mailbox: /var/spool/mail/test...done. Don't forget to set the password. # passwd test New UNIX password: BAD PASSWORD: it is too short Retype new UNIX password: passwd: all authentication tokens updated successfully --SNIP-- Ok this seems correct however PAM is setup to use shadow passwords. /etc/passwd entry: test:JPwKnbcDs6orA:509:509:RHS Linux User:/home/test:/bin/bash /etc/shadow entry: test:*:10223:::::: The User is still able to Login however their password is world readable. A run of pwconv5 will fix this. However one would expect passwd to not have this problem, take a look at the source for 'su' it has HAS_SHADOW option so its not like passwd is unable to do it. I was under the impression that PAM was supposed to allow you to change authentication without changing everything. This could be a problem with my PAM configuration though I followed the Directions right out of "The Official Red Hat Linux Users Guide". I know of one other person off the top of my head with this problem.
Current thread:
- Oddities in RH 5.0 Tres Melton (Dec 28)
- Re: Oddities in RH 5.0 Frank Sweetser (Dec 28)
- Re: Oddities in RH 5.0 King O' Fun (Dec 28)
- Re: Oddities in RH 5.0 Chris Bond (Dec 28)
- AIX 4.x Mount S. Ryan Quick (Dec 28)
- Re: AIX 4.x Mount Troy A. Bollinger (Dec 28)
- iPass RoamServer 3.1 Chris A. Epler (Dec 29)
- Apache DoS attack? Micha? Zalewski (Dec 30)
- Re: Apache DoS attack? Mark Lowes (Dec 30)
- Re: Apache DoS attack? Pancrazio DE MAURO (Dec 30)