[4447] in testers
Re: linux 8.4-beta: oddities.
daemon@ATHENA.MIT.EDU (Greg Hudson)
Sun Jun 11 10:17:32 2000
Date: Sun, 11 Jun 2000 10:17:23 -0400
Message-Id: <200006111417.KAA01091@egyptian-gods.mit.edu>
From: Greg Hudson <ghudson@MIT.EDU>
To: Greg Hudson <ghudson@MIT.EDU>
Cc: Jacob Morzinski <jmorzins@MIT.EDU>, testers@MIT.EDU
In-Reply-To: <200006101418.KAA29473@small-gods.mit.edu>

> Specifically, because jmorzins already exists in the passwd file,
> libal assumes your passwd state is all set up and doesn't add you to
> the shadow file. telnetd or rlogind don't care, but sshd is picky
> and won't let you in if you have no shadow record.

Looking at the code, it's even more specific than this: sshd is only
picky if your password field is "x" (which means "look in the shadow
file for the password for this user"). I think that's reasonable, so
sshd doesn't need to be modified.

I'm not sure whether libal should be modified to add shadow passwd
entries when a user is in the passwd file already. It would require
changes to the session file format, and it complicates the split
between locally managed account information and Athena-managed account
information. Still, it would be mildly useful, since you could feel
secure about your passwd entry not being modified by Hesiod-spoofing
and yet still have a shadow passwd entry based on the password you
logged in with, if any. On the third hand, local shadow entries are
less useful now that we have xss instead of xscreensaver, and they've
always been kind of insecure since they're only based on the first
eight characters of the password, so I'm not sure how much effort
should be put into making them happen.

At a minimum, such a change is probably too complicated for 8.4 at
this point, and there is a very simple workaround (put "*" instead of
"x" in the password field) which will make sshd behave properly.
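The passwd/shadow mismatch described in this message can be checked for mechanically. The script below is an added example, not code from this thread, from libal or from sshd: it parses passwd and shadow contents (constructed samples, not real system files), flags every account whose password field is "x" but which has no shadow record, and applies the "*" workaround the message suggests. It generalises the single jmorzins case to any number of accounts; the function names and the sample hashes are my own placeholders.

```python
"""Check passwd against shadow for the mismatch discussed in the message.

Added example, not code from the testers thread, libal or sshd.
The file contents below are constructed samples, not real system files.
"""
from typing import Dict, List, Set

# Constructed sample: an "x" password field means "look in the shadow
# file for this user's password"; "*" means the field itself carries no
# usable password and sshd does not go looking for a shadow record.
PASSWD_SAMPLE = (
    "root:x:0:0:root:/root:/bin/bash\n"
    "jmorzins:x:1001:100:Jacob Morzinski:/mit/jmorzins:/bin/athena/tcsh\n"
    "ghudson:*:1002:100:Greg Hudson:/mit/ghudson:/bin/athena/tcsh\n"
    "localuser:x:1003:100:Local User:/home/localuser:/bin/bash\n"
)

# Constructed sample: jmorzins has no record here, which is the failing case.
# The hash values are placeholders, not real crypt() output.
SHADOW_SAMPLE = (
    "root:$1$cnstrctd$placeholderhashvalue0000000:11000:0:99999:7:::\n"
    "localuser:$1$cnstrctd$placeholderhashvalue0000001:11000:0:99999:7:::\n"
)


def parse_passwd(text: str) -> Dict[str, List[str]]:
    """Map username -> the seven colon-separated passwd fields."""
    entries: Dict[str, List[str]] = {}
    for line in text.splitlines():
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) != 7:
            raise ValueError(f"malformed passwd line: {line!r}")
        entries[fields[0]] = fields
    return entries


def parse_shadow(text: str) -> Set[str]:
    """Return the set of usernames that have a shadow record."""
    users: Set[str] = set()
    for line in text.splitlines():
        if not line or line.startswith("#"):
            continue
        users.add(line.split(":", 1)[0])
    return users


def find_shadowless_x_accounts(passwd_text: str, shadow_text: str) -> List[str]:
    """Users whose passwd field is "x" but who have no shadow record.

    These are the accounts the message says sshd refuses while telnetd
    and rlogind still let in.
    """
    shadowed = parse_shadow(shadow_text)
    return [
        user
        for user, fields in parse_passwd(passwd_text).items()
        if fields[1] == "x" and user not in shadowed
    ]


def apply_star_workaround(passwd_text: str, users: List[str]) -> str:
    """Rewrite the password field from "x" to "*" for the given users.

    This is the workaround from the message: with "*" in the field, sshd
    no longer expects a shadow record for the account. Other lines,
    including ones that already carry "*", are passed through unchanged.
    """
    out: List[str] = []
    for line in passwd_text.splitlines():
        fields = line.split(":")
        if len(fields) == 7 and fields[0] in users and fields[1] == "x":
            fields[1] = "*"
        out.append(":".join(fields))
    return "\n".join(out) + "\n"


if __name__ == "__main__":
    broken = find_shadowless_x_accounts(PASSWD_SAMPLE, SHADOW_SAMPLE)
    print("accounts sshd would reject:", broken)
    fixed = apply_star_workaround(PASSWD_SAMPLE, broken)
    print("after workaround:", find_shadowless_x_accounts(fixed, SHADOW_SAMPLE))
```

Running the script on the samples reports jmorzins as the only account sshd would reject; after the "*" rewrite the check comes back empty, while root and localuser (which do have shadow records) keep their "x" field and so still authenticate against the shadow file.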