Another reason why a few sources should come with binary licenses

Tanner Andrews tanner at ki4pv.UUCP
Thu Sep 5 01:55:39 AEST 1985


] few progs need to see encrypted passwords in /etc/passwd, /etc/group
] therefore, have non-readable pw file containing this info.

Login, passwd, newgrp, and su are the main progs which require this
information.  However, in many cases, the password in /etc/passwd may
be used by some program that wants to be sure that the person using
it is really who we think it is.

Any prog may wish this information.  A database maintainer (real or
game) may wish to protect certain functions by requiring a password
which is matched against some /etc/passwd encrypted string.  This is
certainly a way offered by the documents to verify a person's identity.

As for the "dictionary" testing:  have a daemon go through there each
weekend, and flag those passwords that it can guess.  Have the "passwd"
prog use the dictionary and reject any passwords it finds there.  Have
a bulletin printed for your new users advising them that it is bad form
to use real words.

-- 
<std dsclm, copies upon request>	   Tanner Andrews, KI4PV
uucp:					...!decvax!ucf-cs!ki4pv!tanner
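
The dictionary rejection the post proposes for the "passwd" prog, sketched as an added example (not part of the original post and not taken from any real passwd source). The word list, the function names, and the variant rules it goes on to cover (case folding, stripped leading/trailing digits and punctuation, reversed spelling, the login name itself) are assumptions for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample list; a real check would read the site's dictionary file. */
static const char *const WORDS[] = { "wizard", "secret", "dragon", "password", "summer" };
#define NWORDS (sizeof WORDS / sizeof WORDS[0])

/* Lowercase src into dst, dropping leading/trailing non-letters ("Dragon85!" -> "dragon"). */
static void normalize(const char *src, char *dst, size_t cap)
{
    size_t len = strlen(src), start = 0, n = 0;
    while (start < len && !isalpha((unsigned char)src[start])) start++;
    while (len > start && !isalpha((unsigned char)src[len - 1])) len--;
    for (size_t i = start; i < len && n + 1 < cap; i++)
        dst[n++] = (char)tolower((unsigned char)src[i]);
    dst[n] = '\0';
}

/* True when core equals word spelled forwards or backwards. */
static int matches(const char *core, const char *word)
{
    size_t n = strlen(core);
    if (n != strlen(word)) return 0;
    if (strcmp(core, word) == 0) return 1;
    for (size_t i = 0; i < n; i++)
        if (core[i] != word[n - 1 - i]) return 0;
    return 1;
}

/* Returns 1 when the proposed password should be refused, 0 when it passes this check. */
int reject_password(const char *candidate, const char *login)
{
    char core[128], name[128];
    normalize(candidate, core, sizeof core);
    normalize(login, name, sizeof name);
    if (name[0] != '\0' && matches(core, name)) return 1;   /* login name variant */
    for (size_t i = 0; i < NWORDS; i++)
        if (matches(core, WORDS[i])) return 1;              /* dictionary word variant */
    return 0;
}

int main(void)
{
    const char *tries[] = { "Dragon85!", "draziw", "Tanner1", "k4!vq9Lr" };  /* constructed */
    for (size_t i = 0; i < sizeof tries / sizeof tries[0]; i++)
        printf("%-10s %s\n", tries[i], reject_password(tries[i], "tanner") ? "rejected" : "ok");
    return 0;
}
```

Passing this check only means the candidate is not a listed word or one of the simple variants above; it says nothing else about the password's strength.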


