Krzysztof Oledzki
2003-Sep-24 14:54 UTC
Fix checking password from /etc/passwd and /etc/shadow
Hello, This patch fix order of checking password in systems that contains /etc/shadow file (Linux for example). The order is exactly like in linux-shadow-password package. First is checked /etc/passwd but if password field contains "x" then password is read from /etc/shadow instead. Best regards, Krzysztof Ol?dzki -------------- next part -------------- A non-text attachment was scrubbed... Name: passwd-shadow-check-order.gz Type: application/octet-stream Size: 378 bytes Desc: Url : http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20030924/f15e0296/attachment.obj
Ben Lindstrom
2003-Sep-24 15:07 UTC
Fix checking password from /etc/passwd and /etc/shadow
Umm.. Two words on this patch.. "HELL NO" - Ben On Wed, 24 Sep 2003, Krzysztof Oledzki wrote:> Hello, > > This patch fix order of checking password in systems that contains > /etc/shadow file (Linux for example). The order is exactly like in > linux-shadow-password package. First is checked /etc/passwd but if > password field contains "x" then password is read from /etc/shadow > instead. > > Best regards, > > > Krzysztof Ol?dzki >
Michael Steffens
2003-Sep-24 15:12 UTC
Fix checking password from /etc/passwd and /etc/shadow
Krzysztof Oledzki wrote:> Hello, > > This patch fix order of checking password in systems that contains > /etc/shadow file (Linux for example). The order is exactly like in > linux-shadow-password package. First is checked /etc/passwd but if > password field contains "x" then password is read from /etc/shadow > instead.What is wrong with the current approach of first checking /etc/shadow using getspnam, falling back to /etc/passwd if the first didn't return anything? Reversing that order and making the decision depend on a non-zero value returned from /etc/passwd ("x", "*", whatever?) looks like making it more complicated to me. Cheers! Michael