* man/groupmod.8.xml, man/usermod.8.xml, man/groupadd.8.xml,

man/useradd.8.xml: Added note to warn about insecurity in using --password. * man/groupmod.8.xml: Removed not regarding default if --password is not used. This was a cut&paste from groupadd.8.xml. * man/passwd.1.xml: Split some paragraphs. * man/passwd.1.xml: Recommend other encryption methods than DES.
2009-04-27 20:29:43 +00:00 · 2009-04-27 20:29:43 +00:00 · 76b51939aa
commit 76b51939aa
parent 91fc51387c
6 changed files with 42 additions and 8 deletions
--- a/10
+++ b/10
@ -1,3 +1,13 @@
+2009-04-27  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/groupmod.8.xml, man/usermod.8.xml, man/groupadd.8.xml,
+	man/useradd.8.xml: Added note to warn about insecurity in using
+	--password.
+	* man/groupmod.8.xml: Removed not regarding default if --password
+	is not used. This was a cut&paste from groupadd.8.xml.
+	* man/passwd.1.xml: Split some paragraphs.
+	* man/passwd.1.xml: Recommend other encryption methods than DES.
+
 2009-04-27  Nicolas François  <nicolas.francois@centraliens.net>

 	* src/login.c: Move update_utmp() after the PID or session ID
--- a/man/groupadd.8.xml
+++ b/man/groupadd.8.xml
@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!--
   Copyright (c) 1991       , Julianne Frances Haugh
-   Copyright (c) 2007 - 2008, Nicolas François
+   Copyright (c) 2007 - 2009, Nicolas François
   All rights reserved.
  
   Redistribution and use in source and binary forms, with or without
@ -150,6 +150,11 @@
 	    <refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum>
 	    </citerefentry>. The default is to disable the password.
 	  </para>
+	  <para>
+	    <emphasis role="bold">Note:</emphasis> This option is not
+	    recommended because the password (or encrypted password) will
+	    be visible by users listing the processes.
+	  </para>
 	</listitem>
      </varlistentry>
      <varlistentry>
--- a/man/groupmod.8.xml
+++ b/man/groupmod.8.xml
@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!--
   Copyright (c) 1991       , Julianne Frances Haugh
-   Copyright (c) 2007 - 2008, Nicolas François
+   Copyright (c) 2007 - 2009, Nicolas François
   All rights reserved.
  
   Redistribution and use in source and binary forms, with or without
@ -127,7 +127,12 @@
 	  <para>
 	    The encrypted password, as returned by <citerefentry>
 	    <refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum>
-	    </citerefentry>. The default is to disable the password.
+	    </citerefentry>.
+	  </para>
+	  <para>
+	    <emphasis role="bold">Note:</emphasis> This option is not
+	    recommended because the password (or encrypted password) will
+	    be visible by users listing the processes.
 	  </para>
 	</listitem>
      </varlistentry>
--- a/man/passwd.1.xml
+++ b/man/passwd.1.xml
@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!--
   Copyright (c) 1989 - 1994, Julianne Frances Haugh
-   Copyright (c) 2007 - 2008, Nicolas François
+   Copyright (c) 2007 - 2009, Nicolas François
   All rights reserved.
  
   Redistribution and use in source and binary forms, with or without
@ -125,9 +125,10 @@
      <title>Hints for user passwords</title>
      <para>
 	The security of a password depends upon the strength of the
-	encryption algorithm and the size of the key space. The
+	encryption algorithm and the size of the key space. The legacy
 	<emphasis>UNIX</emphasis> System encryption method is based on the
-	NBS DES algorithm and is very secure. The size of the key space
+	NBS DES algorithm. More recent methods are now recommended (see
+	<option>ENCRYPT_METHOD</option>). The size of the key space
 	depends upon the randomness of the password which is selected.
      </para>

@ -337,9 +338,12 @@
  <refsect1 id='caveats'>
    <title>CAVEATS</title>
    <para>
-      Not all options may be supported. Password complexity checking may
+      Password complexity checking may
      vary from site to site. The user is urged to select a password as
-      complex as he or she feels comfortable with. Users may not be able to 
+      complex as he or she feels comfortable with.
+    </para>
+    <para>
+      Users may not be able to 
      change their password on a system if NIS is enabled and they are not 
      logged into the NIS server.
    </para>
--- a/man/useradd.8.xml
+++ b/man/useradd.8.xml
@ -383,6 +383,11 @@
 	    <refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum>
 	    </citerefentry>. The default is to disable the account.
 	  </para>
+	  <para>
+	    <emphasis role="bold">Note:</emphasis> This option is not
+	    recommended because the password (or encrypted password) will
+	    be visible by users listing the processes.
+	  </para>
 	</listitem>
      </varlistentry>
      <varlistentry>
--- a/man/usermod.8.xml
+++ b/man/usermod.8.xml
@ -230,6 +230,11 @@
 	    <refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum>
 	    </citerefentry>.
 	  </para>
+	  <para>
+	    <emphasis role="bold">Note:</emphasis> This option is not
+	    recommended because the password (or encrypted password) will
+	    be visible by users listing the processes.
+	  </para>
 	</listitem>
      </varlistentry>
      <varlistentry>