Quick security question
Monty J. Harder
mjharder at gmail.com
Tue Feb 20 14:01:23 CST 2007
On 2/19/07, Dave Hull <dphull at gmail.com> wrote:
> It's interesting that the passwd program when run as a normal user on
> RHEL (I assume other distros too), prompts for the user's "UNIX"
> password.
There's a very good reason to do this. From inside the software that
I support at work, a user can theoretically have three different login
credentials:
1. A Windows username/password just to get into their PC/workgroup/domain
2. A Unix username/password to get into the server
3. An application user NUMBER/password.
This is complicated by the fact that some parts of the country would
routinely set up Unix users with names like 'user12' for the person
who logs into the app as '12'. The passwords for these things are, of
course, set in different ways, and managed in different places. It's
possible for our app to have a custom menu option that calls passwd
to set the Unix password for a user; it's important that the person
understand this distinction. (The actual passwd binary probably was
originally written as a gnu drop-in replacement for the SysV passwd.)
More information about the Kclug
mailing list