Great Circle Associates List-Managers
(February 1998)

Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]

Subject: Re: Poll/Voting Facility (fwd)
From: "Nathan J. Mehl" <nmehl @ leftbank . com>
Date: Wed, 11 Feb 1998 10:41:57 -0500
To: Marilyn Davis <marilyn @ deliberate . com>
Cc: Aaron Schrab <aaron+lm @ schrab . com>, list-managers @ GreatCircle . COM, development @ deliberate . com
In-reply-to: <m0y2Vvg-000ieIC @ rosa . deliberate . com>; from Marilyn Davis on Tue, Feb 10, 1998 at 10:45:56PM -0800
References: <19980211003259 . 52495 @ fnord . guru . execpc . com> <m0y2Vvg-000ieIC @ rosa . deliberate . com>

In the immortal words of Marilyn Davis (marilyn @
 deliberate .
> Norbert Bollow taught us about the '*' in the encrypted password field
> of the password file producing a new user that only root can access.
> This is just what we need and solves all arguments.  There is no
> reason to chose a priority.
> Is part of Linux security *not* to document such an excellent security
> feature?  :^)


Try "man passwd".  Oh hell, here's the relevant excerpt:

       Passwd  is an ASCII file which contains a list of the sys-
       tem's users and the passwords they must  use  for  access.
       The  password  file  should have read access for everyone,
       which is ok because of the encryption,  but  write  access
       only  for the superuser.  If you create a new login, leave
       the password field empty and use passwd(1) to fill it.   A
       star  or  something like that in the password field means,
       that this user can not login via login(1). 

Now, admittedly, there's nothing in, say, the RedHat Users Guide
that jumps up and says "hey!  here's how to make a null user!" 
but then again it's sort of obvious from looking at the passwd
file itself...


The life of a sysadmin is always intense!
Nathan J. Mehl   ---   The LeftBank Operation
nmehl @
 leftbank .
 com --
A Global Internet Company.

Indexed By Date Previous: Re: Poll/Voting Facility (fwd)
From: marilyn @ deliberate . com (Marilyn Davis)
Next: Fw: BOUNCE and Zombie Processes
From: "Siamak Farah" <sia @ infostreet . com>
Indexed By Thread Previous: Re: Poll/Voting Facility (fwd)
From: marilyn @ deliberate . com (Marilyn Davis)
Next: Re: Poll/Voting Facility (fwd)
From: John Jacq <jjjacq @ ozemail . com . au>

Search Internet Search