Re: etc/passwd file
From: David Webb
Date: 10/29/02
- Next message: Nick Maclaren: "Re: etc/passwd file"
- Previous message: 2Host.com - Robert: "Re: [Q] How to implement SSL Logout Page ?"
- In reply to: Bill Unruh: "Re: etc/passwd file"
- Next in thread: Nick Maclaren: "Re: etc/passwd file"
- Reply: Nick Maclaren: "Re: etc/passwd file"
- Reply: Bill Unruh: "Re: etc/passwd file"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 29 Oct 2002 13:51:12 +0000 (UTC)
In article <apjt6r$1ne$1@nntp.itservices.ubc.ca>, unruh@string.physics.ubc.ca (Bill Unruh) writes:
>david20@alpha1.mdx.ac.uk (David Webb) writes:
>
>]In article <apcro9$pjo$1@spacebar.ucc.usyd.edu.au>, "tina" <comp5019@hotmail.com> writes:
>]>why is the /etc/passwd file not hidden
>]>to make the system more secure?
>]>
>]>
>
>]/etc/passwd is world readable because when they developed Unix no one
>]thought about the security implications of anyone being able to read
>]the encrypted passwords. It really was another world when Unix was being
>]developed.
>
>Untrue. It was made open to ensure that the system designers designed
>the password storage system so that even if the password database was
>known to all, it would still be secure. Password hiding is not a very
>effective form of security.
>
??????
What the hell does that mean?
Making the passwd database world readable meant anyone could take a copy of the
encrypted passwords and crack them at their leisure. As far as I am aware there
were no facilities forcing users to choose strong passwords or making them
change the passwords at short intervals. Basically this password system wasn't
designed with a great deal of thought about password cracking.
The systems were much slower hence it would take longer to crack the passwords
but that is no excuse for bad design.
Since one of the passwords in the world readable passwd database was to root
how could anybody have "designed the password storage system so that even if
the password database was known to all, it would still be secure".
All I can say is if that were the design criteria then they failed miserably.
What do you mean by "password hiding is not a very effective form of security"?
Assuming you have protected your system so that someone can't become root -
if they can then passwords are the last of your worries - then restricting
access to the passwords just to root greatly improves security.
In the modern world you may want to look at non-password solutions -
biometrics, smartcards, certificates etc but those solutions were not available
at the time.
David Webb
VMS and Unix team leader
CCSS
Middlesex University
>
>]When they were forced to think about it too many applications depended upon
>]other information in /etc/passwd being world readable.
>
>?? They? They designed it that way on purpose.
>
>]Hence the development of the shadow password cludge - leaving all the other
>]information in the world readable /etc/passwd file and putting the sensitive
>]password information in another more secure file.
>
>Kludge? Well, yes, if you continue to use the crypt(3) passwords then it
>is a kludge.
>
>]
>]David Webb
>]VMS and Unix team leader
>]CCSS
>]Middlesex University
>
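The offline cracking scenario David describes above (copy the world-readable hashes, guess at leisure) and the shadow split he calls a kludge, as an added example that is not part of the original thread or of any real system: it parses records in /etc/passwd format, skips the `x`, `*` and `!` fields that the shadow scheme and account locking leave behind, and runs a dictionary attack only over hash fields that are still exposed. The two hash schemes are stand-ins I constructed for this example (a fast salted SHA-1 for the cheap legacy case, salted PBKDF2 for a hash designed to survive disclosure); neither is crypt(3), and every record, salt and wordlist entry is made up.

```python
"""Offline dictionary attack against hash fields exposed in a world-readable passwd file.

Added example for this thread. The hash schemes are constructed stand-ins, not the
DES-based crypt(3) discussed above, and every record, salt and word is made up.
"""
import hashlib
import time


def weak_hash(salt: str, password: str) -> str:
    """Stand-in for a cheap legacy hash: short salt plus one fast digest."""
    digest = hashlib.sha1((salt + password).encode()).hexdigest()
    return f"{salt}${digest}"


def slow_hash(salt: str, password: str, rounds: int = 50_000) -> str:
    """Stand-in for a hash meant to be public: salted and deliberately slow."""
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt.encode(), rounds).hex()
    return f"{salt}${rounds}${digest}"


# Constructed sample in passwd format: name:password:uid:gid:gecos:home:shell.
# 'x' means the hash lives in a root-only shadow file; '*' is a locked account.
SAMPLE_PASSWD = "\n".join([
    f"root:{weak_hash('Qz', 'v3ry-l0ng-unguessable')}:0:0:root:/root:/bin/sh",
    f"tina:{weak_hash('aB', 'letmein')}:1001:1001:tina:/home/tina:/bin/sh",
    f"bob:{slow_hash('Hx', 'password')}:1003:1003:bob:/home/bob:/bin/sh",
    "david:x:1002:1002:David Webb:/home/david:/bin/sh",
    "daemon:*:1:1:daemon:/usr/sbin:/usr/sbin/nologin",
])

# Constructed wordlist; the attacker's real list would be far longer.
WORDLIST = ["password", "123456", "letmein", "secret", "qwerty"]


def parse_passwd(text: str):
    """Return (user, hash_field) pairs from passwd-format lines."""
    records = []
    for line in text.splitlines():
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) != 7:
            raise ValueError(f"malformed passwd record: {line!r}")
        records.append((fields[0], fields[1]))
    return records


def classify(hash_field: str) -> str:
    """Say what the attacker actually gets from the second field."""
    if hash_field == "x":
        return "shadowed"   # real hash is in /etc/shadow, readable only by root
    if hash_field == "":
        return "empty"      # no password at all
    if hash_field[0] in "*!":
        return "locked"     # no hash can ever match
    return "exposed"        # crackable offline, no login attempts needed


def verify(hash_field: str, candidate: str) -> bool:
    """Recompute the stored hash for a guess, using the salt from the field."""
    parts = hash_field.split("$")
    if len(parts) == 2:
        return weak_hash(parts[0], candidate) == hash_field
    if len(parts) == 3:
        return slow_hash(parts[0], candidate, int(parts[1])) == hash_field
    return False


def crack(passwd_text: str, wordlist):
    """Dictionary attack over exposed fields; returns (found, guesses tried)."""
    found = {}
    attempts = 0
    for user, hash_field in parse_passwd(passwd_text):
        if classify(hash_field) != "exposed":
            continue
        for candidate in wordlist:
            attempts += 1
            if verify(hash_field, candidate):
                found[user] = candidate
                break
    return found, attempts


def main() -> None:
    t0 = time.perf_counter()
    found, attempts = crack(SAMPLE_PASSWD, WORDLIST)
    elapsed = time.perf_counter() - t0
    for user, hash_field in parse_passwd(SAMPLE_PASSWD):
        print(f"{user:8s} {classify(hash_field):9s} {found.get(user, '-')}")
    print(f"{attempts} guesses in {elapsed:.3f}s")


if __name__ == "__main__":
    main()
```

Run as a script, the `x` and `*` entries yield nothing to the attacker, which is what moving the hash out of the world-readable file buys; `tina` falls to the cheap hash after three guesses, and `root` survives only because the password is not in the list. `bob` also falls, because a slow hash multiplies the cost of each guess by the round count but does nothing against a password that is first in the dictionary. That is the sense in which a hash "designed to be public" still has to be paired with password quality, and in which hiding the hash is a second, independent layer rather than a replacement for either.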