Date: Wed, 10 May 2000 15:32:00 +0200
From: "Luc.Beurton" <Luc.Beurton@univ-ubs.fr>
To: security@FreeBSD.ORG
Subject: Re: envy.vuurwerk.nl daily run output
Message-ID: <20000510153159.A23888@moorea.univ-ubs.fr>
In-Reply-To: <20000510145508.M46065@vuurwerk.nl>; from Peter van Dijk on Wed, May 10, 2000 at 02:55:08PM +0200
References: <20000509215515.B29766@cc942873-a.ewndsr1.nj.home.com> <20000509150609.L42267@vuurwerk.nl> <20000509215515.B29766@cc942873-a.ewndsr1.nj.home.com> <20000510140053.G46065@vuurwerk.nl> <3.0.5.32.20000510055246.009b9100@infidel.boolean.net> <20000510145508.M46065@vuurwerk.nl>

> > Actually, the use of "password" could mask a change... consider
> >
> > < root:(password):0:0::0:0:Charlie &:/root:/usr/local/bin/bash
> > ---
> > > root:(password):0:0::0:0:Charlie &:/root:/usr/local/bin/tcsh
> >
> > The admin would likely assume only the shell has changed even
> > though password may have changed.
>
> Now _there_ is a good point. We need password1/password2 for security.
> Damn.

Maybe, the solution could be to crypt the crypted password like this?

awk 'BEGIN{FS=":";OFS=":"}($2){CMD="echo \""$2"\"| /sbin/md5";CMD|getline $2;close(CMD)}{print}'

Or add flag -d -f to md5, something like:

diff /var/backup/master.passwd.bak /etc/master.passwd | md5 -d: -f2

I don't know if md5 is secure enough with a small string.

Luc Beurton.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
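
The idea proposed in the message above, as an added example that is not part of the original e-mail: replace the password field with a digest before diffing, so a changed hash shows up in the report without the hash itself being printed. It assumes a SHA-256 tool (`sha256sum`, `sha256` or `shasum`) in place of `/sbin/md5`; the function names and sample lines are constructed. The hash is fed to the digest tool over a pipe, because inside a double-quoted `echo` a shell would expand the `$` characters of a `$1$salt$hash` string.

```shell
#!/bin/sh
# Added example: diff password files with field 2 replaced by a digest.

# Hex digest of stdin. Assumption: a SHA-256 tool stands in for /sbin/md5.
digest() {
    if command -v sha256sum >/dev/null 2>&1; then sha256sum | cut -d' ' -f1
    elif command -v sha256 >/dev/null 2>&1; then sha256 -q
    else shasum -a 256 | cut -d' ' -f1
    fi
}

# Print file $1 with each non-empty password field replaced by its digest.
# The hash reaches the digest tool over a pipe, never inside a command
# string, so the '$' in "$1$salt$hash" is not expanded by a shell.
mask_passwd() {
    while IFS= read -r line || [ -n "$line" ]; do
        case $line in
            '#'*)  printf '%s\n' "$line"; continue ;;   # comment line
            *:*:*) ;;                                   # user:pw:rest
            *)     printf '%s\n' "$line"; continue ;;   # malformed, keep
        esac
        user=${line%%:*}; rest=${line#*:}
        pw=${rest%%:*};   rest=${rest#*:}
        if [ -n "$pw" ]; then pw=$(printf '%s' "$pw" | digest); fi
        printf '%s:%s:%s\n' "$user" "$pw" "$rest"
    done < "$1"
}

# diff(1) of the masked copies of $1 and $2; returns diff's exit status.
diff_masked() {
    tmp=$(mktemp -d) || return 2
    mask_passwd "$1" > "$tmp/old"
    mask_passwd "$2" > "$tmp/new"
    diff "$tmp/old" "$tmp/new" && rc=0 || rc=$?
    rm -rf "$tmp"
    return "$rc"
}

# Constructed sample: hash and shell both change between the two files.
demo() {
    d=$(mktemp -d) || return 2
    printf '%s\n' 'root:$1$aaaa$CONSTRUCTEDold:0:0::0:0:Charlie &:/root:/usr/local/bin/bash' > "$d/bak"
    printf '%s\n' 'root:$1$bbbb$CONSTRUCTEDnew:0:0::0:0:Charlie &:/root:/usr/local/bin/tcsh' > "$d/cur"
    diff_masked "$d/bak" "$d/cur" && drc=0 || drc=$?
    rm -rf "$d"
    return "$drc"
}
demo || :
```

The digest is unsalted and unkeyed, so anyone who can read the report can still test password guesses against it offline; the report needs the same restricted distribution as before.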