SVR3 passwd changes mode of passwd file

David Elliott dce at mips.COM
Sat Sep 24 15:01:38 AEST 1988


In article <7 at marvin.UUCP> jsp at marvin.UUCP (Johnnie Peters) writes:
>	It is entirely reasonable for passwd to set the modes of /etc/passwd
>to 0444.  I fyou don't believe this try working for a company like Unisys
>in O.S. support for unix.  The first time a customer calls and says things
>like:
>
>	I just accidentaly deleted my passwd file.  What can I do?
>
>	I saved the passwd file and now it wont let anybody on.  What
>	do I do?
>
>	I forgot the root password.  What do I do?
>
>you will understand why the passwd file is protected as well as possible.

I don't buy it.  I've worked in OS support for Unix for my entire
career, and yes I've heard these same questions.

Of all of these, only the first comment gives a reason to have the
password file protected in this way (protecting the file won't keep
them from breaking the file or forgetting the root password, will it?),
and only then because they have to say "rm -f /etc/passwd" or answer
"y" when asked to remove it.  This isn't protecting against truly
unfortunate accidents.

I have no problem with shipping the password file as mode 0444, and if
the user leaves that alone, there's no problem.  If the user really
wants that file to be mode 0644, they may just decide to go out of
their way to keep it that way.

-- 
David Elliott		dce at mips.com  or  {ames,prls,pyramid,decwrl}!mips!dce



More information about the Comp.unix.questions mailing list