Security problem

Is it a feature or a bug ?

/home/auser# passwd
changing password for auser
New password : somepass
Retype new password : somepass

Then :

login : auser
password : somepass and everything else behind ???!!!

That seems to occur (including for the root account) when the password
is long of at least 6 characters and when the last character is

Romain PETIT
(cliquez sur le lien ci-dessus pour me contacter en privé)

rp <> wrote:

It is a behaviour.

For at least some versions (not sure if the security patch
changed this or not), QNX 4 just encrypted/used the first 8
letters of the password for matching. Sure, you could type
lots of letters, but only the first 8 were used.


David Gibbs
QNX Training Services