/etc/shadow equivalent without a source license!

Daniel Ray norstar at tnl.UUCP
Sun Mar 5 10:49:15 AEST 1989


Hello everybody. I am trying to hack together a working equivalent to
the /etc/shadow scheme of unreadable passwords. I run a XENIX 386 v2.2.3
system, and only have a binary license. Working with the 'bpatch' binary
editor, I was planning to substitute the word 'shadow' for 'passwd' in
the text string appearances of '/etc/passwd' in the compiled object files
for: /bin/passwd, /etc/login, and /bin/su. (Then I would have cron periodically
copy /etc/shadow to /etc/passwd except that the 2nd field would be
an 'x' in the public /etc/passwd version, while the real passwd file would
be /etc/shadow).

I think I could have made the scheme work except for one thing: /bin/passwd
does a chmod("/etc/passwd",444); somewhere before exiting, which is quite
proper for a PUBLIC passwd file. Only I want it to leave the mode as 400
for the substituted PRIVATE shadow file.

My question is: is there a way to use 'bpatch' on /bin/passwd so that I can
edit the mode 444 to mode 400. How would I identify the hex bytes that do
this chmod?? Is this more trouble than it's worth (maybe I should find or
write my own /bin/passwd ???). I wish SCO and other UNIX sellers would
include the source code for these security-related programs as they do
for the UUCP dial program...as it stands now I'd have to fork over $60000
for the privilege! oh well..

Thanks if anyone can assist me in this!

dan
norstar
The Northern Lights, Burlington Vermont               |     Futility, like
tnl dialins: 802-865-3614 at 300-2400 bps.          ` | /   suffering, is
------------------------------------------        --- * --- a *hell* of a
uucp: uunet!uvm-gen!tnl!norstar or                  / | .   lot of fun!
{decvax,linus}!dartvax!uvm-gen!tnl!norstar            |     (Try it you'll
                                                            like it!!)
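
The cron step described in the post above (regenerate the public passwd file from the private one, with an 'x' in the second field), sketched as an added example that is not part of the original post. The function name, the argument-passed paths, the refusal to publish from a group/world-readable master, and the write-then-rename step are assumptions of this sketch, not XENIX specifics.

```shell
#!/bin/sh
# Added example: publish a hash-free copy of a private password file.
# publish_passwd PRIVATE PUBLIC  (hypothetical helper, paths chosen by caller)
publish_passwd() {
    priv=$1
    pub=$2

    [ -r "$priv" ] || { echo "cannot read $priv" >&2; return 1; }

    # Refuse to run if the master copy is readable by group or other:
    # the scheme only helps while the hashes stay readable by root alone.
    if [ -n "$(find "$priv" \( -perm -040 -o -perm -004 \) -print)" ]; then
        echo "$priv is group/world readable, refusing" >&2
        return 1
    fi

    # Build the new file beside the target so the final mv is a rename on
    # the same filesystem; readers never see a half-written passwd file.
    tmp="$pub.tmp.$$"
    old_umask=$(umask)
    umask 077    # temp file stays private until it is complete

    # An entry with fewer than 7 colon-separated fields, or an empty master,
    # aborts the run instead of being published.
    if awk -F: 'BEGIN { OFS = ":" }
         NF < 7 { bad = 1; exit }
         { $2 = "x"; print }
         END { exit (bad || NR == 0) }' "$priv" > "$tmp"
    then
        chmod 444 "$tmp" && mv -f "$tmp" "$pub"
        rc=$?
    else
        echo "malformed or empty $priv, $pub left unchanged" >&2
        rc=1
    fi
    rm -f "$tmp"
    umask "$old_umask"
    return $rc
}
```
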



More information about the Comp.unix.questions mailing list