From owner-freebsd-bugs Mon Aug 28 7: 4:44 2000 Delivered-To: freebsd-bugs@freebsd.org Received: from pawn.primelocation.net (pawn.primelocation.net [205.161.238.235]) by hub.freebsd.org (Postfix) with ESMTP id 01DE737B422 for ; Mon, 28 Aug 2000 07:04:43 -0700 (PDT) Received: by pawn.primelocation.net (Postfix, from userid 1016) id 6C0389B05; Mon, 28 Aug 2000 10:04:42 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by pawn.primelocation.net (Postfix) with ESMTP id 5CE34BA03; Mon, 28 Aug 2000 10:04:42 -0400 (EDT) Date: Mon, 28 Aug 2000 10:04:42 -0400 (EDT) From: "Chris D. Faulhaber" X-Sender: cdf.lists@pawn.primelocation.net To: Oleg Saiko Cc: freebsd-bugs@FreeBSD.ORG Subject: Re: login allows user to login with wrong? password () In-Reply-To: <00d401c010f6$91cb6880$6300000a@osa> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-bugs@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Mon, 28 Aug 2000, Oleg Saiko wrote: > Hi guys, > Could you be so kind to explain me is it bug or feature: > I could login to the system typing the right_password+abracadabra. > Does login-program authenticates me by comparing real_password from the password list with the input_password that includes from real_password and any others letters at the end? > (I suppose strictly in this order) > IIRC, only the first 8 chars are significant with DES passwords whereas 128 are significant with MD5. ----- Chris D. Faulhaber - jedgar@fxp.org - jedgar@FreeBSD.org -------------------------------------------------------- FreeBSD: The Power To Serve - http://www.FreeBSD.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message