Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!seismo!think!rutgers!lll-crg!lll-lcc!pyramid!ucat!scc!steiny
From: steiny@scc.UUCP (Don Steiny)
Newsgroups: net.unix-wizards
Subject: Re: Do not use blank lines in /etc/passwd
Message-ID: <774@scc.UUCP>
Date: Tue, 21-Oct-86 15:02:33 EDT
Article-I.D.: scc.774
Posted: Tue Oct 21 15:02:33 1986
Date-Received: Wed, 22-Oct-86 22:39:23 EDT
References: <4701@brl-smoke.ARPA> <2837@rsch.WISC.EDU>
Organization: Don Steiny Software
Lines: 19

In article <2837@rsch.WISC.EDU>, mcvoy@rsch.WISC.EDU (Lawrence W. McVoy) writes:
> > use nearly-blank lines like
> >
> >x:*:0:0:                                                             ::
> 
> Umm, could be sort of a security hole in itself:  if anyone can make a
> a match to the "*" you have let them enter the system as root (uid==0).

	I am sure many people will point this out, but '*' represents
the ENCRYPTIFIED password, which must have a two character key and thus
be at least 3 characters.   There is no possiblity of '*' ever being
a password.

-- 
scc!steiny
Don Steiny @ Don Steiny Software 
109 Torrey Pine Terrace
Santa Cruz, Calif. 95060
(408) 425-0382