On Sat, Jan 10, 2026 at 11:05:09PM +0100, Marc Haber wrote: > On Sat, Jan 10, 2026 at 03:18:17PM -0600, Serge E. Hallyn wrote: > > So, just to be clear, you think all would be fine if we accept * followed > > by anything, and ! not followed by anything? > > I would still prefer that a low level tool like chpasswd would still allow > the sysadmin to shoot themselves in the foot, but I would live with > consistency at least.
I too would prefer to live in a world where we could let the sysadmin shoot themselves in the foot. The problem is that malicious actors tend to find ways to run things as administrators, leading to exploit chains.
