[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] Admin/root password security hole

Subject: Re: [cobalt-users] Admin/root password security hole
From: "Fathi Said" <fathi@xxxxxx>
Date: Sat Apr 22 00:53:57 2000
Organization: Hosting-Network, Inc.

Cassandra,

> Tonight, my server granted me access pointblank, with only 10/14
characters
> in the password entered.  I was able to access root in this manner as
well.
> I logged out and attempted this several times, with several versions of my
> password.  The server granted me access as long as I had the first eight
> characters.
> Obviously, this is a gaping security hole.  Has anyone else had this
> problem?  Any solutions, other than the obvious of having a shorter
> password?

This is not a security hole, this is Linux. You cannot have passwords longer
than 8 characters -- I mean, you can, but everthing over character #8 will
be ignored. The same applies for all user passwords, I think.

Regards,
Fathi

Follow-Ups:
- Re: [cobalt-users] Admin/root password security hole
  - From: Michael Zimmermann
- Re: [cobalt-users] Admin/root password security hole
  - From: Chris Adams

References:
- [cobalt-users] Admin/root password security hole
  - From: connected

Prev by Date: [cobalt-users] Admin/root password security hole
Next by Date: Re: [cobalt-users] Newbie Question on User's Email Raq3
Previous by thread: [cobalt-users] Admin/root password security hole
Next by thread: Re: [cobalt-users] Admin/root password security hole

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index