Page MenuHomeFreeBSD

Do not prompt for password if it's set to empty password
ClosedPublic

Authored by trasz on Dec 11 2020, 11:35 AM.
Tags
None
Referenced Files
Unknown Object (File)
Fri, Dec 6, 8:13 AM
Unknown Object (File)
Wed, Dec 4, 2:33 PM
Unknown Object (File)
Sun, Nov 24, 11:36 AM
Unknown Object (File)
Sun, Nov 24, 11:36 AM
Unknown Object (File)
Sun, Nov 24, 11:36 AM
Unknown Object (File)
Nov 22 2024, 9:55 PM
Unknown Object (File)
Nov 19 2024, 8:21 AM
Unknown Object (File)
Nov 16 2024, 4:24 PM

Details

Summary

Make pam_unix(8) not prompt for password, if it's set to an empty
one - just like we don't prompt for password if the hash itself
is empty.

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

Add a separate option, "emptyok", so we can commit it without changing
the default behaviour.

lib/libpam/modules/pam_unix/pam_unix.c
97

Seems this should really be called emptypasswd.

127

Should we check for the option and flag before calling crypt()?

Seems ok to me. It would be best if someone more familiar with PAM would look at this.

This revision is now accepted and ready to land.Mar 31 2021, 4:15 PM