Greg Hudson writes:
>On another note, Perry and Thor had this bit of non-communication:
>>> toor typically had no password.
>> Um, you should really check your facts before you go spewing
>> nonsense like this.
>
>When you see someone saying something "obviously wrong" like this,
>stop a second and try to figure out if they might have just said it
>ambiguously.  Perry obviously meant "there typically exists no
>password will let you log in as toor," not, "toor typically had an
>empty second field in the passwd file."

That's not the natural interpretation. And it'd make some sense, if it
weren't for allegations that there is a legitimate pasecurity concern
here.

Greg, just how does an account to which *no* password can ever grant
access (save for su'ing from root, which means you're already root)
constitute a security issue?