Re: etc/passwd file
From: Bill Unruh (unruh@string.physics.ubc.ca)Date: 10/29/02
- Next message: Bill Unruh: "Re: etc/passwd file"
- Previous message: Dragan Cvetkovic: "Re: Unix ist tatsächlich Scheiße"
- In reply to: : "Re: etc/passwd file"
- Next in thread: Richard Caley: "Re: etc/passwd file"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: unruh@string.physics.ubc.ca (Bill Unruh) Date: 29 Oct 2002 19:15:35 GMT
david20@alpha1.mdx.ac.uk (David Webb) writes:
]In article <apjt6r$1ne$1@nntp.itservices.ubc.ca>, unruh@string.physics.ubc.ca (Bill Unruh) writes:
]>david20@alpha1.mdx.ac.uk (David Webb) writes:
]>
]>]In article <apcro9$pjo$1@spacebar.ucc.usyd.edu.au>, "tina" <comp5019@hotmail.com> writes:
]>]>why is the /etc/passwd file not hidden
]>]>to make the system more secure?
]>]>
]>]>
]>
]>]/etc/passwd is world readable because when they developed Unix no one
]>]thought about the security implications of anyone being able to read
]>]the encrypted passwords. It really was another world when Unix was being
]>]developed.
]>
]>Untrue. It was made open to ensure that the system designers designed
]>the password storage system so that even if the password database was
]>known to all, it would still be secure. Password hiding is not a very
]>effective form of security.
]>
]??????
]What the hell does that mean ?
]Making the passwd database world readable meant anyone could take a copy of the
]encrypted passwords and crack them at their leisure. As far as I am aware there
Yes, so the password hashing algorithm had better be good. That is the
primary line of defense. The algorithm chosen was the stronges they knew
of ( a DES variant) and was also slowed down to the max possible extent
that the response to login would not take many seconds.
That the computer power has risen steadily since then is not their
fault, especially when they predicted at the time that the algorithm
would only be good for 10 years or so. It has lasted much longer and has
been at least as robust as they expected.
]were no facilities forcing users to choose strong passwords or making them
]change the passwords at short intervals. Basically this password system wasn't
There were. But they were not needed until about 10 years ago when
computers became fast enough to do exhaustive dictionary searches.
]designed with a great deal of thought about password cracking.
Yes they were.
]The systems were much slower hence it would take longer to crack the passwords
]but that is no excuse for bad design.
]Since one of the passwords in the world readable passwd database was to root
]how could anybody have "designed the password storage system so that even if
]the password database was known to all, it would still be secure".
]All I can say is if that were the design criteria then they failed miserably.
???
]What do you mean by "password hiding is not a very effective form of security".
]Assuming you have protected your system so that someone can't become root -
]if they can then passwords are the last of your worries - then restricting
]access to the passwords just to root greatly improves security.
That was the dominant line of thought at the time, and it proved
woefully inadequate. If you want the password file, you can almost
always get it. If by nothing else than stealing backup tapes. Hiding
passwords certainly helps, but it the equivalent of maybe two or three
bits in the password length-- ie helpful but no great shakes.
]In the modern world you may want to look at non-password solutions -
]biometrics, smartcards, certificates etc but those solutions were not available
]at the time.
- Next message: Bill Unruh: "Re: etc/passwd file"
- Previous message: Dragan Cvetkovic: "Re: Unix ist tatsächlich Scheiße"
- In reply to: : "Re: etc/passwd file"
- Next in thread: Richard Caley: "Re: etc/passwd file"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
