本文共 1351 字，大约阅读时间需要 4 分钟。

前言

对passwd做了些完善，给同事测试，说不好使。原因是/etc/pam.d/system-auth中配置的策略项不好使。

去看了下passwd检查口令安全性的实现，果真没有读取/etc/pam.d/system-auth的内容…，只读取了etc/login.defs.

/*	 * The scam is this - a password of only one character type	 * must be 8 letters long.  Two types, 7, and so on.	 */

其实口令至少要有多长，已经在etc/login.defs做了限制，已经检查了.

修正后的代码

/* * a nice mix of characters. */static bool simple (unused const char *old, const char *new){	bool digits = false;	bool uppers = false;	bool lowers = false;	bool others = false;	int size;	int i;	for (i = 0; '\0' != new[i]; i++) {		if (isdigit (new[i])) {			digits = true;		} else if (isupper (new[i])) {			uppers = true;		} else if (islower (new[i])) {			lowers = true;		} else {			others = true;		}	}	// 至少有3种情况才合格	size = 0;	if (digits) {		size++;	}	if (uppers) {		size++;	}	if (lowers) {		size++;	}	if (others) {		size++;	}	return (size < 3); // return true is password too simple	/*	 * The scam is this - a password of only one character type	 * must be 8 letters long.  Two types, 7, and so on.	 */	/*	size = 9;	if (digits) {		size--;	}	if (uppers) {		size--;	}	if (lowers) {		size--;	}	if (others) {		size--;	}	if (size <= i) {		return false;	}	*/	// return true;}

转载地址：https://lostspeed.blog.csdn.net/article/details/80714714 如侵犯您的版权，请留言回复原文章的地址，我们会给您删除此文章，给您带来不便请您谅解！