[clug] banning passwords in passwd

Cameron Patrick cameron at patrick.wattle.id.au
Wed Nov 15 07:50:02 GMT 2006


Michael James wrote:

> But if any of them run  "passwd",  it responds by putting the
>  (encrypted) password in the world-readable /etc/passwd file.

You can disable this through pam.  In particular /etc/pam.d/passwd.  (On
my Debian-based system this just @includes /etc/pam.d/common-password
which is also used by any other software which may want to change user
passwords.)

Cameron



More information about the linux mailing list