Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!seismo!mcvax!botter!gregor
From: gregor@cs.vu.nl (Greg Sharp)
Newsgroups: comp.os.minix
Subject: Bug in passwd
Message-ID: <1141@botter.cs.vu.nl>
Date: Tue, 14-Apr-87 11:19:58 EST
Article-I.D.: botter.1141
Posted: Tue Apr 14 11:19:58 1987
Date-Received: Sun, 19-Apr-87 04:24:55 EST
Sender: remote@cs.vu.nl
Reply-To: gregor@cs.vu.nl (Greg Sharp)
Distribution: world
Organization: V.U. Informatica, Amsterdam
Lines: 20


I don't know if this bug has been reported before but, just in case:

At present the passwd program allows you to enter null passwords.  If you
replace a non-null password with a null password it corrupts the password
file.  It rewrites the file and unfortunately a null password uses less
space in the password file than a non-null password.  There is a little
tail at the end.
The safest fix is to disallow null passwords.
In the file passwd.c in the commands directory add the following code
after line 50:
/* this is line 50 */
	strcpy (password, getpass("New password: "));
/* new code */
	if (password[0] == '\0') {
		std_err("password cannot be null\n");
		exit(1);
	}

gregor@cs.vu.nl