Next message: Brad Griffin: "(Fwd) AVP News for 06/10/1999 - VIRUS ALERT"
Hello.
Sorry if this is reported already. Didn't find it in Bugtraq archives nor in SuSE support db.
OS: SuSE Linux 6.1
Program: useradd
Package: shadow-980724
Problem description:
'useradd' command has an option '-p password' for specifying password to the newly added user.
(This option btw, does not appear anywhere in useradd man page)
If you specify this option along with a password, the password will be stored in /etc/shadow, but
in cleartext, creating 2 problems:�
1. The password is stored in cleartext
2. It of course does not work, for upon login an encrypted version of password is expected to be in
/etc/shadow.
PS. I could agree that specifying password in command-line can be considered quite dangerous,
however, if the option is there, it should either work correctly or not be there.
Emils Klotins e-mail: emilsat_private
Systems Manager URL: http://www.usis.bkc.lv/
USIS Riga 7 Smilsu Str., Riga LV1050, LATVIA
This archive was generated by hypermail 2b30
: Fri Apr 13 2001 - 14:49:06 PDT