mirror of
https://github.com/systemd/systemd.git
synced 2025-02-14 05:57:40 +03:00
fc58c0c7bf
Let's use "!*" instead of "!!" as invalid password string. Generally, any invalid password string can be used to for locking an account, according to shadow(5). To temporarily lock a password of an account it is commonly implemented to prefix the original password with a single "!", so that it can later on be unlocked again by removing the "!", restoring the original password. Thus, the "!" marker is an indicator for a locked password; the act of prefixing "!" to a password string is the locking operation; and the removal of a "!" prefix is the unlock operation. (This is also suggested in shadow(5)). If we want to entirely lock an account we previously used "!!" as password string. This is nice since it indicates the password is locked. However, it is less than ideal, since applying the password unlock operation once will change the string to "!", which is still a locked password. Unlocking the password a second time will result in "", i.e. the empty password, which will in many cases allow logging in without password. And that's a problem. Hopefully, tools do not allow such duplicate unlocking, but it's still not a nice property. By changing our password string to "!*" we get different behaviour: the password will appear locked. When it is unlocked the password is "*" which is an invalid password. In that case the password is hence unlocked but invalid, which is a much better state to be in than the above. This is paranoia hardening. Not more. There's no report that anyone every unlocked an account twice and people could log in.
System and Service Manager
Details
General information about systemd can be found in the systemd Wiki.
Information about build requirements is provided in the README file.
Consult our NEWS file for information about what's new in the most recent systemd versions.
Please see the Hacking guide for information on how to hack on systemd and test your modifications.
Please see our Contribution Guidelines for more information about filing GitHub Issues and posting GitHub Pull Requests.
When preparing patches for systemd, please follow our Coding Style Guidelines.
If you are looking for support, please contact our mailing list or join our IRC channel.
Stable branches with backported patches are available in the stable repo.