[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] Security Issue?

Subject: Re: [cobalt-users] Security Issue?
From: Jason Woods <cobalt-ml@xxxxxxxxxxxxxxx>
Date: Fri Mar 22 10:15:06 2002
Organization: Oakland Corporation
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

Dan Kriwitsky wrote:
> 
> > I was wondering if anyone has seen this kind of madness on a
> > raq or other rh linux based system.  If I create the password
> > <12345!> for my admin user account and then try logging in
> > using, say, <12345> withouth the !, it lets me in no problem.
> >  I noticed this works for the shell and the gui, so it's not
> > some ssh glitch.  Does this have something to with the use of
> > <> in the password?
> >
> 
> How many characters? The way, (I think it's a Linux limitation), works
> is everything after 8 characters is tossed. So if it's <12345678> then
> everything after 7 would be out. I'm not sure about non alphanumeric
> characters. I don't think that's a problem, but someone may know.
> --
> Dan Kriwitsky
> 
> 

Tis a shame.  MD5 passwords can be up to 256 characters.  I believe the
RaQ2 and Qube2 are afflicted with this.  I haven't tested that
particular item on a Qube3, but I believe Cobalt uses MD5 passwords on a
RaQ3 and everything newer than it.

-- 
Jason Woods
Oakland Corporation
jwoods@xxxxxxxxxxxxxxx

References:
- RE: [cobalt-users] Security Issue?
  - From: Dan Kriwitsky

Prev by Date: Re: [cobalt-users] Load Average High
Next by Date: Re: [cobalt-users] Redirecting - Why? (kinda newbie)
Previous by thread: RE: [cobalt-users] Security Issue?
Next by thread: RE: [cobalt-users] Security Issue?

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index