Subject: Re: passwd
To: None <wonko@blackhole.arkham.net>
From: maximum entropy <entropy@zippy.bernstein.com>
List: current-users
Date: 06/29/1997 03:35:41
>From: wonko@blackhole.arkham.net (Brian Hechinger )
>
>matthew green drunkenly mumbled...
>> 
>> if i'm root, i can change the password file manually.  why should
>> passwd(1) ask me for a password when i can make it anything i like
>> anyway ?
>
>that's it, i'm going to bed.  nevermind. :)

Don't give up that easily.

I know that on one occasion, a user forgot her password, and called me
up to change it.  Having been up for about 3 days at that point, I
accidentally typed just "passwd" instead of "passwd user".  When the
user called back later saying she still couldn't get in, I figured I
had just fat-fingered her password twice in the same way, so I reset
it for her, correctly this time.

The next day, when I couldn't log in as root, I realized what I had
done, and (fortunately) remembered the password I had tried to set for
the user.

I realize that the general UNIX philosophy is "if you screw up, well,
you screwed up."  But I think there's a case that could be made here
that requiring root's old password when changing root's password would
be a useful safety feature to keep us from breaking our own machines.

Cheers,
entropy

--
entropy -- it's not just a good idea, it's the second law.

This message may refer to a product containing software developed by
Christopher G. Demetriou for the NetBSD Project.