>> Suggestions: >> - When importing with CMU use the -p option so all the password will be >> changed, also change the default password in /etc/cmu/cobaltBase.xml >> (userPasswd).
> Thanks for some great suggestions, Jeff. I'm a bit confused over what > the -p option does <frown>. Does it change all passwords to the value > of userPasswd? Yes it does, when CMU adds the user to the system the password in userPasswd is used, since CMU does not know the plain text password. After all the users are added, CMU then changes the user entries in /etc/shadow to the crypt or md5 password stored in the cmu.xml file (this is where the secuirty problem was). When cmuImport is run with the -p option it will not replace the userPasswd in /etc/shadow. Jeff- _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
