[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] pro's and cons of not letting GUI change ro ot password
- Subject: Re: [cobalt-security] pro's and cons of not letting GUI change ro ot password
- From: "Jelmer Jellema" <cobalt@xxxxxxxxxxxxxxx>
- Date: Tue, 5 Mar 2002 08:54:11 +0100
- Organization: Spin in het Web (www.spininhetweb.nl)
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
From: "Gerald Waugh" <gwaugh@xxxxxxxxxxxxxxxxxxxxxxx>
> > My mistake, then. Is there anyone with a test RaQ 4 who could just test
what
> > this button does?
>
> I have one, but I am away for the day, I'll check it this evening.
> Did, you read the pwreset script?
Yeah, I did. It seems it chooses a new root password in the following way:
1. It assigns "*" to the root password
2. It looks in /etc/passwd.master for another one, if it finds it, it uses
that one.
In my /etc/passwd.master there is an empty root password and I *think* the
regex in pwreset allows for that. That would mean it does not lock the root
password, but resets it, as long as the empty password is in
/etc/passwd.master
Thanks for the thoughts,
Jelmer