[1346] in linux-security and linux-alert archive
[linux-security] Re: Stupid passwd tricks: User with blank GECOS can't change passwd
daemon@ATHENA.MIT.EDU (M Shariful Anam)
Mon Dec 9 07:09:25 1996
Date: Mon, 9 Dec 1996 00:57:53 +0600 (GMT+0600)
From: M Shariful Anam <shuman@triton.kaifnet.com>
To: linux-security@redhat.com
In-Reply-To: <Pine.LNX.3.95.961206082345.11256B-100000@underground.error.net>
Resent-From: linux-security@redhat.com
Reply-To: linux-security@redhat.com
On Fri, 6 Dec 1996, IO ERROR wrote:
> I have discovered that a user who has a blank GECOS field in the passwd file
> under RedHat 4.0 (Colgate) is unable to change passwords. Running the passwd
> command goes like this:
>
Quite interestingsly, on my slackware 3.1 Linux system, a user with blank
GECOS field could not log in! The logs says incorrect login with correct and
even no password. But after something was put as GECOS, the user could log
in, and then after changing the passwd, it never happened again with blank
GECOS (not even changing passwd problem)!
---
M Shariful Anam <shuman@kaifnet.com>
Kaifnet Services -- Bangladesh