Abigail <[EMAIL PROTECTED]> writes:
> On Tue, Feb 18, 2003 at 07:11:05AM -0800, Michael R. Wolf wrote:
[...]
> > I don't see that the /s is necessary. Can a password really contain a
> > newline?
>
> Since we don't know what the passwords are for, that's a bit hard
> to answer.
OK. Good defensive programming. It just seemed overly-defensive....
> Clearly it's not traditional Unix passwords - the
> optional requirement of at most 14 characters would be silly in
> that case. Nevertheless, AFAIK, Unix passwords may have newlines
> in them. My Debian system certainly allows newlines in passwords
> but it's not using the traditional crypt(), but an MD5 hash instead.
> I haven't tried entering it at the login prompt,
especially given that you hadn't tested it....
> but from the shell
> newlines can be entered by typing <CTRL-V><CTRL-J>, and then at least
> you would be able to 'su' to the account.
but at least I now understand what your rationale is, and that you
were actually trying to allow newlines in the password as an explicit
choice.
Thanks.....
--
Michael R. Wolf
All mammals learn by playing!
[EMAIL PROTECTED]
