This patches the busybox passwd source so that even root is not allowed to set a weak (too short) password. This enables us to define a minimum password length that is consistent over graphical interfaces (e.g. LuCI) and CLI.
Signed-off-by: Dan Luedtke <m...@danrl.com> --- .../utils/busybox/patches/900-prevent-weak-root-password.patch | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 package/utils/busybox/patches/900-prevent-weak-root-password.patch diff --git a/package/utils/busybox/patches/900-prevent-weak-root-password.patch b/package/utils/busybox/patches/900-prevent-weak-root-password.patch new file mode 100644 index 0000000000..932848bfbb --- /dev/null +++ b/package/utils/busybox/patches/900-prevent-weak-root-password.patch @@ -0,0 +1,10 @@ +--- a/loginutils/passwd.c ++++ b/loginutils/passwd.c +@@ -72,7 +72,6 @@ static char* new_password(const struct p + newp = xstrdup(newp); /* we are going to bb_ask_stdin() again, so save it */ + if (ENABLE_FEATURE_PASSWD_WEAK_CHECK + && obscure(orig, newp, pw) +- && myuid != 0 + ) { + goto err_ret; /* non-root is not allowed to have weak passwd */ + } -- 2.11.0 _______________________________________________ Lede-dev mailing list Lede-dev@lists.infradead.org http://lists.infradead.org/mailman/listinfo/lede-dev