Passwd change security (was CVS update: samba/source)
davecb at Canada.Sun.COM
Fri Mar 20 14:38:11 GMT 1998
Jeremy Allison wrote:
> Now with a bit of work, and wrapping the change
> password code in a become_root()/unbecome_root()
> pair we should be able to make use of the fact
> that calling the passwd program as root allows
> a users password to be changed without needing
> the old cleartext password.
While I think this is good/sane/advisable, I should
mention that this makes the password slightly
weaker than it would be on standard unix.
The normal passwd program asks for the old
password to make sure someone hasn't sat
down at my machine while I'm logged on
to bug me by changing my password. This
prevents a denial-of-service attack.
If the pc client is already doing this (and
Windows 95/NT **APPEARS** to), it's a non-problem.
Anyone know if WfW and NT < 4 do it correctly?
Indeed, anyone know if 95/NT4 are really correct?
David Collier-Brown, | Always do right. This will gratify some people
185 Ellerslie Ave., | and astonish the rest. -- Mark Twain
Willowdale, Ontario | davecb at hobbes.ss.org, canada.sun.com
M2N 1Y3. 416-223-8968 | http://java.science.yorku.ca/~davecb
More information about the samba-technical