Another reason why a few sources should come with binary licenses
Mark Draughn
draughn at iitcs.UUCP
Wed Sep 4 12:06:46 AEST 1985
In article <1149 at brl-tgr.ARPA> root%bostonu.csnet at csnet-relay.arpa (BostonU SysMgr) writes:
[...]
>Here's another one that was just brought up on the SECURITY mailing list.
>If user's are not careful about password creation (and people are just
>people) then a reasonably determined cracker can grab the encrypted string
>in /etc/passwd and run it against dictionaries (this is all well documented
>in "The Security of UNIX", I think that was Kernighan, sorry, working from
>memory here.)
>
>A trivial defense (used I believe years ago at Harvard and probably lots
>of other source sites) was to make /etc/passwd a dummy file (so most
>software is undisturbed) which does not contain encrypted strings but
>otherwise is publicly readable. You then create another, unreadable,
>copy (call it /etc/passwd.nr) with the strings. The only two programs
>that I can think of that use those encrypted strings (as delivered) are
>login.c and passwd.c, just modify those to use the unreadable version (easy.)
>It would also be handy to have a script that can be run that builds the
>readable from the unreadable when it is modified (easy.)
[...]
In my UNIX manual it is pointed out several times that it is a crock
that user information (office, name, shell, etc.) is stored in the
password file. It should be in a separate database. So far, it
isn't. I guess it would be easier to move the passwords than it
would be to move anything else. This should be a standard part
of UNIX.
(Not that I don't think that a few source files would be nice. I am at
a university so we have source, but we also run VMS without source
and I wish I had it.)
More information about the Comp.unix.wizards
mailing list