[Edgy] Why does the "Users and Group" config utility show a r oot user?
Richard Urwin
RUrwin at SRHSYSTEMS.com
Tue Nov 7 10:10:41 UTC 2006
From: Mario Vukelic [mailto:mario.vukelic at dantian.org]
>On Mon, 2006-11-06 at 16:13 +0100, Florian Diesch wrote:
>> It's just some string that is not valid result of crypt(3) (the
>> function
>> used to encrypt the passwords) so no password will ever match.
>>
>Exactly, and therefore the UI in users-admin should not show an
>8-character password.
I think you will find it shows an 8-character password for everybody. In
fact it cannot know how many characters there are in the clear text
password, because the encryption is one-way. When you type your password in
to be checked it encrypts it and checks against the encrypted version in
/etc/shadow.
It would be possible to detect a one character password in /etc/shadow and
mark the account as disabled in the GUI, and maybe that would be a good
idea. On the other hand that is just a convention; there are many other
possible ways of disabling the password - just choose a string that can
never be the result of the encryption.
[Posting from Windows - sorry for the broken thread.]
--
R Urwin
private
______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email
______________________________________________________________________
More information about the ubuntu-users
mailing list