*lock* considered empty?
Darren Tucker
dtucker at zip.com.au
Sat Oct 18 23:13:16 EST 2003
"Jeff A. Earickson" wrote:
> This logic seems really fragile. For crypt() based passwords,
> I would think that "anything not 13 chars long is locked". Isn't
> MD5 also a fixed length too, with the same idea?
No, I don't think we should do that. I think it was even discussed
previously.
We're specifically after accounts locked by the admin with "passwd -l" or
equivalent. There are other password strings (eg a literal "NP" on
Solaris, which means "No Password authentication") which do not mean the
account is locked.
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
More information about the openssh-unix-dev
mailing list