https://bugzilla.novell.com/show_bug.cgi?id=221233 kukuk@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |REOPENED Resolution|FIXED | ------- Comment #14 from kukuk@novell.com 2006-12-20 05:35 MST ------- To be honest: No, without this patch it is not possible to find out if a user exists or not. You can only find out that this user is not allowed to login. One reason may be that the user does not exist, but this is only one of many. For a lot of other reasons you may wish that users is not able at all to enter their password. Between, that patch is wrong and introduces the security problem it claims to fix. Depending on the application/PAM configuration you will now be asked six times for a password. And this one will really only happen if the account does not exist, in no other cases. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.