1656 – root password considered expired if SIA is not enabled

Bug 1656 - root password considered expired if SIA is not enabled

Summary: root password considered expired if SIA is not enabled

Status:	NEW

Alias:	None

Product:	Portable OpenSSH
Classification:	Unclassified
Component:	sshd (show other bugs)
Version:	5.2p1
Hardware:	Alpha Tru64

Importance:	P2 normal
Assignee:	Assigned to nobody

URL:
Keywords:

Depends on:
Blocks:

Reported:	2009-09-30 18:31 AEST by Thomas Quinot
Modified:	2009-09-30 18:31 AEST (History)
CC List:	0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Thomas Quinot 2009-09-30 18:31:45 AEST

On a Tru64 5.1A machine where ENHANCED security is not enabled, configure builds in SIA support anyway, and auth-sia does not check whether the security level is BASE or ENHANCED prior to checking password expiration.

So, when logging in as root, the user is prompted for a new password, but in BASE security mode, the password change date is not recorded by passwd(1) (and remains 0), and the next login attempt fails in the same way.