Vulnerability Development mailing list archives
Re: \'useradd -p\' problems.
From: Steve Mickeler <steve () neptune on ca>
Date: Tue, 28 Aug 2001 15:54:17 -0400 (EDT)
On Tue, 28 Aug 2001 joetesta () hushmail com wrote:
Hi -- On my Trustix 1.2 box, I noticed that creating a user with 'useradd' and the '-p' option (which gives the new user a default password) does not hash the password in /etc/shadow:
did you happen to 'man useradd' before posting this ? -p passwd The encrypted password, as returned by crypt(3). The default is to disable the account. "man crypt" would be your next adventure.
This bug doesn't seem exploitible for two reasons:
Thats because its not a bug. Todays root password is brought to you by /dev/random .-------------------------------------. | Steve Mickeler * Network Operations | +-------------------------------------+ | Neptune Internet Services | `-------------------------------------' 1024D/ACB58D4F = 0227 164B D680 9E13 9168 AE28 843F 57D7 ACB5 8D4F
Current thread:
- \'useradd -p\' problems. joetesta (Aug 28)
- Re: \'useradd -p\' problems. Steve Mickeler (Aug 28)
- Re: \'useradd -p\' problems. Gordon Messmer (Aug 28)
- Re: \'useradd -p\' problems. Blue Boar (Aug 28)
- Re: \'useradd -p\' problems. Blue Boar (Aug 28)