OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Andrew Brown (atatatatatdot.net)
Date: Thu Jan 25 2001 - 12:48:24 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    >Right now, as it stands, /etc/security prints that message out no
    >matter what if field two of the password file is not thirteen or
    >twenty characters long. (What is twenty characters for?)

    20 characters is for md5 based passwords. you're using current, so a
    quick look at passwd.conf (sorry, there's no example in the tree)
    should give you an idea of this.

    >I propose that we distinguish between accounts that are not password
    >loginable and accounts that are off by using different characters for
    >the second field -- something other than * -- and that I then hack the
    >/etc/security script to properly note this distinction and ignore the
    >accounts that are intentionally on but password disabled.
    >
    >Comments?

    to get around this, i always use the string ActiveAccount in the
    password field. it's 13 characters and /etc/security doesn't
    complain. you could always use ClosedAccount as well. or
    SystemAccount. use your imagination. 

    -- 
|-----< "CODE WARRIOR" >-----|
codewarriordaemon.org             * "ah!  i see you have the internet
twofsonetgraffiti.com (Andrew Brown)                that goes *ping*!"
andrewcrossbar.com       * "information is power -- share the wealth."