Kmem security
Richard Tobin
richard at aiai.ed.ac.uk
Tue Mar 19 01:31:08 AEST 1991
In article <9103152251.41 at rmkhome.UUCP> rmk at rmkhome.UUCP (Rick Kelly) writes:
>Think about it. Look at the UNIX tools you have available. Consider the fact
>that /dev/kmem is a file. When anyone logs in, even root, login has to decrypt
>the password in /etc/password to compare it to the password typed it. This
>password in memory lays around for a while.
Though the user's password is stored in memory temporarily, it is
*not* the case that the encoded password in /etc/password is
decrypted. After all, if login could decrypt it, so could you. The
password the user types is used as a key to encrypt a fixed string
(all zeros) and the result is compared with the data from the password
file.
-- Richard
--
Richard Tobin, JANET: R.Tobin at uk.ac.ed
AI Applications Institute, ARPA: R.Tobin%uk.ac.ed at nsfnet-relay.ac.uk
Edinburgh University. UUCP: ...!ukc!ed.ac.uk!R.Tobin
More information about the Comp.unix.admin
mailing list