Bug 15627 - The pdbedit command does not limit the password length
Summary: The pdbedit command does not limit the password length
Status: NEW
Alias: None
Product: Samba 4.1 and newer
Classification: Unclassified
Component: Tools (show other bugs)
Version: unspecified
Hardware: All Linux
: P5 normal (vote)
Target Milestone: ---
Assignee: Samba QA Contact
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2024-04-10 12:45 UTC by He Xing
Modified: 2024-04-11 14:38 UTC (History)
1 user (show)

See Also:

Attachments
add check for password length when adding users by pdbedit (1.15 KB, patch)
2024-04-11 14:38 UTC, eaglegai 		no flags Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description He Xing 2024-04-10 12:45:48 UTC 
I'm not sure if it's a usage issue, or if it's a command pdbedit bug. Run the pdbedit command to add a password length restriction policy. The pdbedit command is not restricted by the policy when adding users. Hope can help me.


Create a test10 user:
adduser test10

Run the following command to limit the length of the password:
pdbedit -P "min password length" -C 16

Use the following command to add users, but are not restricted by the above command: 
pdbedit -a -u test10

pdbedit -P "min password length" (The default length limit is 5.)
 When you enter a password, you can add users even if you enter a single digit.

It is not restricted by the account password policy, I have verified it in many versions, and it is the same situation.

Looking forward to hearing from you。
Comment 1 eaglegai 2024-04-11 14:36:03 UTC 
there are no checks about password length when add users by pdbedit.
i think we can add check at new_user(), and i push a patch(add-password-length-check-for-pdbedit.patch) about this.
Comment 2 eaglegai 2024-04-11 14:38:01 UTC 
Created attachment 18285 [details]
add check for password length when adding users by pdbedit