Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!uunet!munnari.oz.au!manuel!csc.canberra.edu.au!news
From: rvp@softserver.canberra.edu.au (Rey Paulo)
Newsgroups: comp.unix.questions
Subject: Re:  What does '*' symbol in /etc/passwd means?
Message-ID: <1991Jun14.002427.6120@csc.canberra.edu.au>
Date: 14 Jun 91 00:24:27 GMT
References: <27176@adm.brl.mil>
Sender: Rey V. Paulo
Organization: University of Canberra
Lines: 23

In article <27176@adm.brl.mil> aeba-im-o-e2@berlin-emh1.army.mil ( IM EMAIL ASST SYS ADMIN) writes:
>>>Also, could be a convention for locking the login.  If the superuser
>>>had typed in the '*', then noone can log in as bin.  I know of several
>>>systems that used the '*' symbol to lock logins.  "used" is past tense
>>>because they ran into problems using it as it is a UNIX metacharacter.
>                                                   ^^^^^^^ a lie ^^^^^
>
>A few people have asked me to be specific about what problems were had.
>Well, I lied.  The problem was not due to the fact that '*' can be special.
>After checking with the person that told me not to use '*' in the password
>field, I find that the real reason was that the security scripts in Hayden's
>UNIX System Security by Kochan and Wood would choke on the '*'.
>

The reason why '*' is used to lock login is because '*' is not in the 
encrypted alphabet of the crypt algorithm.  Hence, it is impossible for
the encryption program to generate a string with a '*'.

-- 
Rey V. Paulo                  | Internet:  rvp@csc.canberra.edu.au 
University of Canberra        | I am not bound to please thee with my answer. 
AUSTRALIA                     |         -Shylock, in "The Merchant of Venice" 
------------------------------+----------------------------------------------