[Pkg-shadow-commits] r2826 - in upstream/trunk: . man

Nicolas FRANÇOIS nekral-guest at alioth.debian.org
Mon Apr 27 20:29:43 UTC 2009 

Author: nekral-guest
Date: 2009-04-27 20:29:43 +0000 (Mon, 27 Apr 2009)
New Revision: 2826

Modified:
   upstream/trunk/ChangeLog
   upstream/trunk/man/groupadd.8.xml
   upstream/trunk/man/groupmod.8.xml
   upstream/trunk/man/passwd.1.xml
   upstream/trunk/man/useradd.8.xml
   upstream/trunk/man/usermod.8.xml
Log:
	* man/groupmod.8.xml, man/usermod.8.xml, man/groupadd.8.xml,
	man/useradd.8.xml: Added note to warn about insecurity in using
	--password.
	* man/groupmod.8.xml: Removed not regarding default if --password
	is not used. This was a cut&paste from groupadd.8.xml.
	* man/passwd.1.xml: Split some paragraphs.
	* man/passwd.1.xml: Recommend other encryption methods than DES.


Modified: upstream/trunk/ChangeLog
===================================================================
--- upstream/trunk/ChangeLog	2009-04-27 20:25:23 UTC (rev 2825)
+++ upstream/trunk/ChangeLog	2009-04-27 20:29:43 UTC (rev 2826)
@@ -1,5 +1,15 @@
 2009-04-27  Nicolas François  <nicolas.francois at centraliens.net>
 
+	* man/groupmod.8.xml, man/usermod.8.xml, man/groupadd.8.xml,
+	man/useradd.8.xml: Added note to warn about insecurity in using
+	--password.
+	* man/groupmod.8.xml: Removed not regarding default if --password
+	is not used. This was a cut&paste from groupadd.8.xml.
+	* man/passwd.1.xml: Split some paragraphs.
+	* man/passwd.1.xml: Recommend other encryption methods than DES.
+
+2009-04-27  Nicolas François  <nicolas.francois at centraliens.net>
+
 	* src/login.c: Move update_utmp() after the PID or session ID
 	changed in order to get more accurate data in UTMP. This also
 	fixes "exec login" when login in installed setuid.

Modified: upstream/trunk/man/groupadd.8.xml
===================================================================
--- upstream/trunk/man/groupadd.8.xml	2009-04-27 20:25:23 UTC (rev 2825)
+++ upstream/trunk/man/groupadd.8.xml	2009-04-27 20:29:43 UTC (rev 2826)
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!--
    Copyright (c) 1991       , Julianne Frances Haugh
-   Copyright (c) 2007 - 2008, Nicolas François
+   Copyright (c) 2007 - 2009, Nicolas François
    All rights reserved.
   
    Redistribution and use in source and binary forms, with or without
@@ -150,6 +150,11 @@
 	    <refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum>
 	    </citerefentry>. The default is to disable the password.
 	  </para>
+	  <para>
+	    <emphasis role="bold">Note:</emphasis> This option is not
+	    recommended because the password (or encrypted password) will
+	    be visible by users listing the processes.
+	  </para>
 	</listitem>
       </varlistentry>
       <varlistentry>

Modified: upstream/trunk/man/groupmod.8.xml
===================================================================
--- upstream/trunk/man/groupmod.8.xml	2009-04-27 20:25:23 UTC (rev 2825)
+++ upstream/trunk/man/groupmod.8.xml	2009-04-27 20:29:43 UTC (rev 2826)
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!--
    Copyright (c) 1991       , Julianne Frances Haugh
-   Copyright (c) 2007 - 2008, Nicolas François
+   Copyright (c) 2007 - 2009, Nicolas François
    All rights reserved.
   
    Redistribution and use in source and binary forms, with or without
@@ -127,8 +127,13 @@
 	  <para>
 	    The encrypted password, as returned by <citerefentry>
 	    <refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum>
-	    </citerefentry>. The default is to disable the password.
+	    </citerefentry>.
 	  </para>
+	  <para>
+	    <emphasis role="bold">Note:</emphasis> This option is not
+	    recommended because the password (or encrypted password) will
+	    be visible by users listing the processes.
+	  </para>
 	</listitem>
       </varlistentry>
     </variablelist>

Modified: upstream/trunk/man/passwd.1.xml
===================================================================
--- upstream/trunk/man/passwd.1.xml	2009-04-27 20:25:23 UTC (rev 2825)
+++ upstream/trunk/man/passwd.1.xml	2009-04-27 20:29:43 UTC (rev 2826)
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!--
    Copyright (c) 1989 - 1994, Julianne Frances Haugh
-   Copyright (c) 2007 - 2008, Nicolas François
+   Copyright (c) 2007 - 2009, Nicolas François
    All rights reserved.
   
    Redistribution and use in source and binary forms, with or without
@@ -125,9 +125,10 @@
       <title>Hints for user passwords</title>
       <para>
 	The security of a password depends upon the strength of the
-	encryption algorithm and the size of the key space. The
+	encryption algorithm and the size of the key space. The legacy
 	<emphasis>UNIX</emphasis> System encryption method is based on the
-	NBS DES algorithm and is very secure. The size of the key space
+	NBS DES algorithm. More recent methods are now recommended (see
+	<option>ENCRYPT_METHOD</option>). The size of the key space
 	depends upon the randomness of the password which is selected.
       </para>
 
@@ -337,9 +338,12 @@
   <refsect1 id='caveats'>
     <title>CAVEATS</title>
     <para>
-      Not all options may be supported. Password complexity checking may
+      Password complexity checking may
       vary from site to site. The user is urged to select a password as
-      complex as he or she feels comfortable with. Users may not be able to 
+      complex as he or she feels comfortable with.
+    </para>
+    <para>
+      Users may not be able to 
       change their password on a system if NIS is enabled and they are not 
       logged into the NIS server.
     </para>

Modified: upstream/trunk/man/useradd.8.xml
===================================================================
--- upstream/trunk/man/useradd.8.xml	2009-04-27 20:25:23 UTC (rev 2825)
+++ upstream/trunk/man/useradd.8.xml	2009-04-27 20:29:43 UTC (rev 2826)
@@ -383,6 +383,11 @@
 	    <refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum>
 	    </citerefentry>. The default is to disable the account.
 	  </para>
+	  <para>
+	    <emphasis role="bold">Note:</emphasis> This option is not
+	    recommended because the password (or encrypted password) will
+	    be visible by users listing the processes.
+	  </para>
 	</listitem>
       </varlistentry>
       <varlistentry>

Modified: upstream/trunk/man/usermod.8.xml
===================================================================
--- upstream/trunk/man/usermod.8.xml	2009-04-27 20:25:23 UTC (rev 2825)
+++ upstream/trunk/man/usermod.8.xml	2009-04-27 20:29:43 UTC (rev 2826)
@@ -230,6 +230,11 @@
 	    <refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum>
 	    </citerefentry>.
 	  </para>
+	  <para>
+	    <emphasis role="bold">Note:</emphasis> This option is not
+	    recommended because the password (or encrypted password) will
+	    be visible by users listing the processes.
+	  </para>
 	</listitem>
       </varlistentry>
       <varlistentry>

More information about the Pkg-shadow-commits mailing list