This seems to be caused by a segfault, so I imagine this is not intended!
Tracking down the cause...
James
On Tue, 29 Sep 2015, James Clarke wrote:
Whilst looking through the code in utils/login.c, I noticed a security issue.
Even if --paranoid is set, if you give it a UID that doesn’t exist
Whilst looking through the code in utils/login.c, I noticed a security issue.
Even if --paranoid is set, if you give it a UID that doesn’t exist (login
treats it as a UID if the first character is a digit, with no fallback to
treating it as a username), it will exit without prompting for a passw
