[marck@rinet.ru: Re: adduser and passwords]

From: Max Khon (fjoe@iclub.nsu.ru)
Date: 10/12/01

Date: Fri, 12 Oct 2001 17:10:22 +0700
From: Max Khon <fjoe@iclub.nsu.ru>
To: security@freebsd.org

hi, there!

Seems like a good idea. I thought just about the same today
when I was adding user who will be able to login only using DSA auth.
Any objections if I commit this?

----- Forwarded message from Dmitry Morozovsky <marck@rinet.ru> -----

Date: Fri, 12 Oct 2001 13:35:44 +0400 (MSD)
From: Dmitry Morozovsky <marck@rinet.ru>
To: William Wong <willwong@samurai.com>
Cc: freebsd-stable@FreeBSD.ORG
Subject: Re: adduser and passwords

On Fri, 12 Oct 2001, William Wong wrote:


Here is quick'n'dirty fix to adduser (this should be done more politely,
sure ;-) to put '*' when password is empty to not open your system with
passwordless user between adding new user and changing its password.

Index: adduser.perl
RCS file: /home/ncvs/src/usr.sbin/adduser/adduser.perl,v
retrieving revision
diff -u -r1.44.2.2 adduser.perl
--- adduser.perl 2001/07/30 23:56:48
+++ adduser.perl 2001/10/12 09:35:23
@@ -710,7 +710,7 @@
        if (&new_users_ok) {
            $new_users_ok = 1;

- $cryptpwd = "";
+ $cryptpwd = "*";
            $cryptpwd = crypt($password, &salt) if $password ne "";
            # obscure perl bug
            $new_entry = "$name\:" . "$cryptpwd" .

----- End forwarded message -----

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Relevant Pages

  • Re: Add user in Unix from command Line
    ... "adduser" but with no luck. ... And also i wanted to know that when i login as a regular user and then ... do work as root, not just have the abilities to modify files, etc. ...
  • Re: Add user in Unix from command Line
    ... "adduser" but with no luck. ... Adduser is just a link to useradd on RHEL/CentOS, ... It must be set before you can login. ... user in the centos remotely from the command line. ...
  • Re: Who owns /dev/dsp?
    ... your system access. ... An "adduser <login> audio" is the better solution. ...