Reason for -p option in useradd

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Reason for -p option in useradd

Adam Gleave
I've searched the archives and (re)read the man page of useradd, but I
can't understand why the -p option exists. To me, I can see no way of
using it safely (securely) as it can display on the process listing.

Admittedly, there might be some use for it that I haven't thought of -
but in it's current form it seems far to easy to reveal a passwd hash;
the only application I can think of is when no one other than trusted
users have access to the process listing.

Despite that, I think it would be better - although less clean - to have
the pasword passwed on stdin.

So, my question is: why is it like it currently is?

Thanks

Reply | Threaded
Open this post in threaded view
|

Re: Reason for -p option in useradd

Joachim Schipper
On Sat, Dec 31, 2005 at 01:51:53PM +0000, Adam Gleave wrote:

> I've searched the archives and (re)read the man page of useradd, but I
> can't understand why the -p option exists. To me, I can see no way of
> using it safely (securely) as it can display on the process listing.
>
> Admittedly, there might be some use for it that I haven't thought of -
> but in it's current form it seems far to easy to reveal a passwd hash;
> the only application I can think of is when no one other than trusted
> users have access to the process listing.
>
> Despite that, I think it would be better - although less clean - to have
> the pasword passwed on stdin.
>
> So, my question is: why is it like it currently is?

I wouldn't be all that surprised if this was in the POSIX specs.

                Joachim

Reply | Threaded
Open this post in threaded view
|

Re: Reason for -p option in useradd

Nick Holland
In reply to this post by Adam Gleave
Adam Gleave wrote:
> I've searched the archives and (re)read the man page of useradd, but I
> can't understand why the -p option exists. To me, I can see no way of
> using it safely (securely) as it can display on the process listing.
>
> Admittedly, there might be some use for it that I haven't thought of -
> but in it's current form it seems far to easy to reveal a passwd hash;
> the only application I can think of is when no one other than trusted
> users have access to the process listing.

you mean...like maybe no one other than a system administrator is logged
into the machine?

Not every system has non-administrative users getting shell access.
Not every system has someone seeing a process listing for a fraction of
the right second as the biggest security risk.

> Despite that, I think it would be better - although less clean - to have
> the pasword passwed on stdin.
>
> So, my question is: why is it like it currently is?
>
> Thanks

Case where I used this option: initial setup of user accounts on a
school's mail server.  No one but one teacher and I had shell access on
the mail server.  To minimize the headaches, all students initially had
the same password anyway.  Even if someone was watching and saw the
hashed password, they learned something difficult to use they could have
learned in a much easier way through other means.  Yes, giving everyone
the same initial PW is "wrong", but I can assure you, AS IT WAS, it took
the teacher an ENTIRE CLASS PERIOD to get the students logged in the
first time and changing their PWs.  This wasn't the most computer savvy
group in the world.  I can't imagine how long it would have taken if she
had to help EACH student, one-by-one, change unique PWs.

And you know, if one or two of them figured out that they could get into
someone else's e-mail account this way, I'd call that a GOOD thing --
they were thinking, and maybe they understand what the teacher said
about "don't trust e-mail, you don't really know who sent something to
you".  If I helped people distrust a non-authenticated form of
communications, great.

OpenBSD isn't about disabling things that could possibly be improperly
used.  Virtually every feature has risk associated with it of SOME kind.

Nick.

Reply | Threaded
Open this post in threaded view
|

Re: Reason for -p option in useradd

J.C. Roberts-2
On Sat, 31 Dec 2005 12:19:38 -0500, Nick Holland
<[hidden email]> wrote:

>Virtually every feature has risk associated with it of SOME kind.
 ^^^^^^^^^

Congratulations Nick! -In the final hours you have succeeded in having
the best/worst punn of 2005. ;-)

JCR