[309] in RedHat Linux List
Re: change in login program?? in redhat 4.0
daemon@ATHENA.MIT.EDU (Erik Troan)
Mon Oct 21 20:32:36 1996
Date: Mon, 21 Oct 1996 20:25:27 -0400 (EDT)
From: Erik Troan <ewt@redhat.com>
To: redhat-list@redhat.com
In-Reply-To: <Pine.OSF.3.91.961021170750.27025A-100000@osf1.gmu.edu>
Resent-From: redhat-list@redhat.com
Reply-To: redhat-list@redhat.com
On Mon, 21 Oct 1996, Garrett P Nievin wrote:
> Another oddness in the Colgate: if you login or su to a user without a
> password, it will still ask for one (despite what the man page says). It
> will completely ignore any entered password, though.
That's a bug (the part about completely ignoring the password, it should
be checked against an entered password). Accounts with no passwords
are a buf security hole becuase of programs like imapd that simply
weren't designed to work that way. If you need this behavior, use
the pam listfile module instead.
Erik
-------------------------------------------------------------------------------
Always hoped that I'd be an apostle. Knew that I would make it if I tried.
Then when we retire we can write the gospels so they'll all talk about
us when we've die. - "The Last Supper" from Jesus Christ Superstar
| Erik Troan = http://sunsite.unc.edu/ewt/ = ewt@sunsite.unc.edu |
--
PLEASE read the Red Hat FAQ, Tips, HOWTO and the MAILING LIST ARCHIVES!
________________________________________________________________________
http://www.redhat.com/RedHat-FAQ http://www.redhat.com/RedHat-HOWTO
http://www.redhat.com/RedHat-Tips http://www.redhat.com/mailing-lists
------------------------------------------------------------------------
To unsubscribe: mail -s unsubscribe redhat-list-request@redhat.com < /dev/null
