[plug] No passwd for user

Anthony J. Breeds-Taurima tony at cantech.net.au
Fri Aug 2 11:08:32 WST 2002


On Fri, 2 Aug 2002, Harry McNally wrote:

> My question is: were you advising Mr Alien to change just the entry in
> /etc/pam.d/passwd ?

In /etc/pam.d/login and /etc/pam.d/passwd
 
> Alternatively, for his idea to work, must he also change the auth entries for
> services to which the user is allowed access ?

No, all the auth stuff will trust the contents of /etc/passwd (and
/etc/shadow).  so if they say the user has no password then the user has no
password.
 
> I acknowledge that this allows the user to negate security somewhat (alot!) but
> I'm interested from the general PAM adjustment perspective.

The user can _only_ set a null password if the sysAdmin. has said they can.
To my way of thinking this means that only the sysAdmin can really negate
security. (ignoring system crackers and bad local users).

To be honnext I don't know if what I told LA will work I haven't tried and
wont (I'm just not that crazy).  I should have added a disclaimer to my
email but didn't think to.


Yours Tony

   Jan 22-25 2003           Linux.Conf.AU            http://linux.conf.au/
		  The Australian Linux Technical Conference!



More information about the plug mailing list