Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 8 May 1997 22:33:01 +0300 (EEST)
From:      Narvi <narvi@haldjas.folklore.ee>
To:        vova@folco.lms.ru
Cc:        freebsd-gnats-submit@FreeBSD.ORG, GNATS Management <gnats@FreeBSD.ORG>, freebsd-ports@hub.freebsd.org
Subject:   Re: ports/3540: sudo package don't accept passwords longer then 8 characters
Message-ID:  <Pine.BSF.3.96.970508223117.7084B-100000@haldjas.folklore.ee>
In-Reply-To: <199705080857.BAA16735@hub.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help 


On Thu, 8 May 1997 vova@folco.lms.ru wrote:

> 
> >Number:         3540
> >Category:       ports
> >Synopsis:       sudo package don't accept passwords longer then 8 characters
> >Confidential:   no
> >Severity:       non-critical
> >Priority:       low
> >Responsible:    freebsd-ports
> >State:          open
> >Class:          sw-bug
> >Submitter-Id:   current-users
> >Arrival-Date:   Thu May  8 02:00:01 PDT 1997
> >Last-Modified:
> >Originator:     Vladimr B. Grebenschikov
> >Organization:
> PlugCom
> >Release:        2.2-RELEASE
> >Environment:
> FreeBSD folco.lms.ru 2.2-RELEASE FreeBSD 2.2-RELEASE #0: Thu Mar 27 15:11:35 MSK 1997     vova@folco.lms.ru:/usr/src/sys/compile/Folco  i386
> 
> >Description:
> I can't do sudo with password longer 8 chars
> sudo v1.5.3
> 
> >How-To-Repeat:
> setup your password longer 8 chars, include yourself to sudoers file
> run sudo
> 
> >Fix:
> I fix it very stupid:
> 
> --- ports/security/sudo/work/sudo.v1.5.3/compat.h~   Thu Nov 14 05:37:21 1996
> +++ ports/security/sudo/work/sudo.v1.5.3/compat.h    Thu May  8 12:45:06 1997
> @@ -104,7 +104,7 @@
>  #        if (SHADOW_TYPE != SPW_NONE)
>  #          define _PASSWD_LEN  24
>  #        else
> -#          define _PASSWD_LEN  8
> +#          define _PASSWD_LEN  24

Hey! you just increased the value to 24 but didn't solve the problem -
sudo shouldn't care, how long passwd I have, but cope with it without an
overflow. Think of all the people who use sentences for their passwords.

	Sander

>  #        endif /* SHADOW_TYPE != SPW_NONE */
>  #      endif /* PASS_MAX */
>  #    endif /* !_PASSWD_LEN */
> 
> 
> >Audit-Trail:
> >Unformatted:
>

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.970508223117.7084B-100000>