Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!uunet!lll-winken!csustan!csun!csuchico!ronald
From: ronald@csuchico.EDU (Ronald Cole)
Newsgroups: comp.bugs.sys5
Subject: Re: weird bug with passwd and /dev/syscon
Message-ID: <886@csuchic.csuchico.EDU>
Date: Thu, 29-Oct-87 14:01:10 EST
Article-I.D.: csuchic.886
Posted: Thu Oct 29 14:01:10 1987
Date-Received: Fri, 6-Nov-87 20:51:27 EST
References: <298@boole.acc.virginia.edu> <260@slxsys.co.uk>
Organization: California State University, Chico
Lines: 24
Summary: ",.." explained

In article <260@slxsys.co.uk>, jpp@slxsys.co.uk (John Pettitt) writes:
> In article <298@boole.acc.virginia.edu> ejc@boole.acc.virginia.edu (Elizabeth Cummings) writes:
> >                                                   ( we put ",.." in the 
> >password field of all new accounts)
> 
> ",.." in /etc/passwd ! I hope you dont allow dial'ins now you have told
> the world !

Since I didn't see a smiley, I thought I might explain.  I believe Elizabeth
was referring to the practice of appending ",.." to the encrypted password
in new user's entries in the /etc/passwd file.  This causes the password to
be expired the next time that a user logs onto the system.

Here at CSU, Chico, new users fill out forms with their login and password and
these are kept on file.  Having the user change their password the first time
they log in ensures that their password is secure (should someone break into
the computer room and leaf through the file of account forms).  I believe that
this is a more secure management technique than just giving new users no
at all!

-- 
Ronald Cole				| uucp:     ihnp4!csun!csuchic!ronald
AT&T 3B5 System Manager			| PhoneNet: ronald@csuchico.edu
California State University, Chico	| voice     (916) 895-4635
	"... and if you don't like it, you must lump it." -Joseph Smith