[colug-432] su broken on ...
Thomas W. cranston
cranston.thomas at gmail.com
Mon Feb 21 10:42:44 EST 2011
On 02/21/2011 09:39 AM, Richard Hornsby wrote:
> On Feb 21, 2011, at 09:27 , Rob Funk wrote:
>> On Monday, February 21, 2011 10:19:03 am Thomas W. cranston wrote:
>>> Getting a different number of characters is probably a symptom of
>>> something wrong.
>> I disagree completely. I've seen many systems that show some small number of
>> dots rather than dots matching the character count in the password. Keep in
>> mind that in a well-designed system, the actual password (including its
>> length) isn't even retrievable at all.
>> You're chasing a red herring here.
> I'm with Rob on this one. Your /etc/passwd (or /etc/shadow) contains one-way hashes. As far as I know, there is no way from that to actually determine the length of the stored password, at least not in any way that makes sense for the purposes of putting a series of *'s into a box. (Intentionally excluding password cracking tools like John the Ripper from this discussion.)
> You can certainly test this by changing your password to something of 5 characters, 10, 15, 20 etc and seeing if the "current password: ******" changes. However, this is a tangential distraction unlikely to lead you to why 'su' appears to be broken.
> colug-432 mailing list
> colug-432 at colug.net
Hmm. I'm wondering if he is getting the same behavior on both the
desktop and the laptop.
More information about the colug-432