Date: Thu, 13 Jul 1995 22:36:07 -0700 (PDT) From: Nathan Lawson <nlawson@statler.csc.calpoly.edu> To: cmetz@sundance.itd.nrl.navy.mil (Craig Metz) Cc: mjk@plaza.ds.adp.com, skey-users@thumper.bellcore.com, bugs@freebsd.org Subject: Re: OPIE and shadow passwords Message-ID: <199507140536.WAA14708@statler.csc.calpoly.edu> In-Reply-To: <9507132052.aa19902@cs.nrl.navy.mil> from "Craig Metz" at Jul 13, 95 03:52:18 pm
next in thread | previous in thread | raw e-mail | index | archive | help
> > > As FreeBSD uses it's own form of shadow passwords, the encrypted > >password fields in /etc/passwd have been replaced with "*" characters. > >Thus, OPIE's lookupuser() in login.c and su.c fail, as they check to > >see if the password is "stared out": > > We developed NRL OPIE 2.0 primarily on BSD/OS 2.0 and 4.4BSD. > Both of these use the 4.4BSD shadow password system, which will properly > fill in the pwent pw_passwd field if the calling process has the appropriate > (usually superuser) priveleges. In my opinion, if the FreeBSD team decided > to break this behavior, they have done the wrong thing. The password system in FreeBSD follows the 4.4BSD model. You are correct in assuming that it will fill in the pw_passwd field when the process has the proper privileges. I don't see what this guy's problem is, but perhaps his login/su are running with the wrong privs. (Works fine for me) -- Nathan Lawson \ Never let your schooling interfere with your education. CSL 490/News Admin \ (805)756-7180 @Work \ "The steady state of disks is full." -- Ken Thompson ---------------------
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199507140536.WAA14708>