Subject: Re: passwd authentication bug
To: Zafer Aydogan <firstname.lastname@example.org>
From: Allen Briggs <email@example.com>
Date: 07/03/2007 16:08:52
On Tue, Jul 03, 2007 at 10:06:01PM +0200, Zafer Aydogan wrote:
> # passwd foobar
> Changing password for foobar.
> Unable to change auth token: failed to recover old authentication token
> instead of displaying that the user doesn't exists.
Isn't this intentional?
To not provide information about which users exist or not. Granted, for
root, it's not a big deal, but do we really need a separate code path
Allen Briggs | http://www.ninthwonder.com/~briggs/ | firstname.lastname@example.org