Bug 4035
Summary: | adduser/useradd command has undocumented option which does the wrong thing | ||
---|---|---|---|
Product: | [Retired] Red Hat Linux | Reporter: | plussier |
Component: | shadow-utils | Assignee: | Cristian Gafton <gafton> |
Status: | CLOSED NEXTRELEASE | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 6.0 | CC: | dmartin |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 1999-07-15 16:44:18 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
plussier
1999-07-14 17:06:24 UTC
I have verified this to be true on a standard 6.0 install. I am assigning it to a developer for further review. How can an undocumented feature do the WRONG thing?! The argument for the -p is the encrypted string, period. ------- Additional Comments From 07/15/99 14:07 ------- I have no problem with the -p option only taking an encrypted string, I have a problem with the fact that it's use is in no way documented *anywhere*. Therefore it is not obvious nor intuitive that the string argument to the -p option is *supposed* to be encrypted. The fact that it takes any string and just places it into the passwd/shadow file is wrong. If the person mistakenly places a string that is plaintext on the command line, there is no error checking what-so-ever to ensure it is, in fact, an encrypted string. If a plaintext string gets placed into the passwd/shadow files (which is does currently) that account will never be capable of being logged into, since the string in the file is assumed to be encrypted. Therefore, no matter what the user types for a password, nothing will ever encrypt to match what's in the file. Commit pushed to master at https://github.com/openshift/origin https://github.com/openshift/origin/commit/b70701335543115b7ec3bfbd2f8475cae2c1d104 Fix for issue #4035 - internally generated router keys are not unique. (In reply to openshift-github-bot from comment #3) > Commit pushed to master at https://github.com/openshift/origin > > https://github.com/openshift/origin/commit/ > b70701335543115b7ec3bfbd2f8475cae2c1d104 > Fix for issue #4035 - internally generated router keys are not unique. Go HOME, openshift-github-bot, You Are Drunk (or whomever programmed you was). |