[1346] in linux-security and linux-alert archive

home help back first fref pref prev next nref lref last post

[linux-security] Re: Stupid passwd tricks: User with blank GECOS can't change passwd

daemon@ATHENA.MIT.EDU (M Shariful Anam)
Mon Dec 9 07:09:25 1996

Date: Mon, 9 Dec 1996 00:57:53 +0600 (GMT+0600)
From: M Shariful Anam <shuman@triton.kaifnet.com>
To: linux-security@redhat.com
In-Reply-To: <Pine.LNX.3.95.961206082345.11256B-100000@underground.error.net>
Resent-From: linux-security@redhat.com
Reply-To: linux-security@redhat.com

On Fri, 6 Dec 1996, IO ERROR wrote:
> I have discovered that a user who has a blank GECOS field in the passwd file
> under RedHat 4.0 (Colgate) is unable to change passwords.  Running the passwd
> command goes like this: 
>  

Quite interestingsly, on my slackware 3.1 Linux system, a user with blank
GECOS field could not log in! The logs says incorrect login with correct and
even no password. But after something was put as GECOS, the user could log
in, and then after changing the passwd, it never happened again with blank
GECOS (not even changing passwd problem)! 

---
 M Shariful Anam                              <shuman@kaifnet.com>

                Kaifnet Services -- Bangladesh


home help back first fref pref prev next nref lref last post