This may only be specific to my system so here are the notable things: - Linux-PAM (set passwords to blowfish as pam seems to handle them) - shadow (without blowfish patch (does not work well with Linux-PAM)) - uClibc
Now, the problem: 1) passwords that do not match the password fail as expected, but only when the part that is incorrect based off the actual password size (length) 2) the password itself works 3) Anything after the actual password size will pass, irregardless example: password = abcd 1) a = fail 2) acdd = fail 3) acdde = fail 4) abcd = pass 5) abcde = pass 6) abcd09824t6jkdjf93t293tiwegfskjeg = pass !! Now, this may be directly from Linux-PAM itself, I do not know if the shadow passwords patch without Linux-PAM has this problem. Can anybody reproduce this on their system (including the non-Linux Pam shadow blowfish systems)? -- http://linuxfromscratch.org/mailman/listinfo/hlfs-dev FAQ: http://www.linuxfromscratch.org/faq/ Unsubscribe: See the above information page
