Security
pc at ukc.UUCP
pc at ukc.UUCP
Fri Jul 8 19:56:34 AEST 1983
If people are REALLY WORRIED about the decryption of passwords
why not move the passwords to another file, which is read-only
by root. After all only passwd and login need to access the file
and both of them are setuid.
At UKC, we have user populations of 600-700 and have totally
replaced the password file by a binary file with some integral
number of bytes per user. This means that random access can be used
to access an individual entry. Other keys to the password file (such
as login name and in our case the user's system id) are abstracted
to a set of very small files which are kept in uid
order - these files can be opened and searched very easily.
For compatibility purposes we generate /etc/passwd every night (with
no passwords) and passwords are never printed even in their encrypted
form.
One of the benefits of a binary password file is that the record for
each user can be much bigger. We currently store a set of limits
which are applied at login time and we plan to put in the set of
groups which can be used for 4.1c/4.2.
Peter Collinson
{mcvax, vax135} !ukc!pc
More information about the Comp.unix.wizards
mailing list