busybox: prevent weak root passwords

2025-07-29 13:46:49 +00:00 · 2017-12-08 06:53:41 +00:00 · 2017-12-08 06:53:41 +00:00 · 628ce14af4
commit 628ce14af4
parent 4b79f70f29
1 changed files with 10 additions and 0 deletions
--- a/packages/sysutils/busybox/patches/busybox-06-prevent-root-weak-passwd.patch
+++ b/packages/sysutils/busybox/patches/busybox-06-prevent-root-weak-passwd.patch
@ -0,0 +1,10 @@
+--- a/loginutils/passwd.c
+++ b/loginutils/passwd.c
+@@ -72,7 +72,6 @@ static char* new_password(const struct p
+ 	newp = xstrdup(newp); /* we are going to bb_ask_stdin() again, so save it */
+ 	if (ENABLE_FEATURE_PASSWD_WEAK_CHECK
+ 	 && obscure(orig, newp, pw)
+-	 && myuid != 0
+ 	) {
+ 		goto err_ret; /* non-root is not allowed to have weak passwd */
+ 	}