Path: utzoo!attcan!uunet!snorkelwacker!bloom-beacon!athena.mit.edu!jik
From: jik@athena.mit.edu (Jonathan I. Kamens)
Newsgroups: comp.unix.questions
Subject: Re: How secure is UNIX? (Re: Stupid man pages)
Message-ID: <1990Jun6.214607.9435@athena.mit.edu>
Date: 6 Jun 90 21:46:07 GMT
References: <1990May23.100928.10699@agate.berkeley.edu> <720015@hpclapd.HP.COM>
Sender: news@athena.mit.edu (News system)
Reply-To: jik@athena.mit.edu (Jonathan I. Kamens)
Organization: Massachusetts Institute of Technology
Lines: 29

In article <720015@hpclapd.HP.COM>, defaria@hpclapd.HP.COM (Andy DeFaria) writes:
|> I'm no security guru on Unix but it seems to me that the way around this
|> problem would be to remove this silly restriction and allow ftp (and
|> others?) to send encrypted passwords to the other host.

I thought I already explained this.  Sigh.

Let's assume that what you said is possible.  In that case, I do the
following:

1. Log into your machine.

2. Grab the encrypted password for root out of the (publicly readable)
   /etc/passwd.

3. "Ftp localhost".

4. Use username "root", and the encrypted password I've already snarfed.

Presto, I've just ftp'd as root, without ever knowing the root password!

There is a fundamental concept you're missing -- the act of encrypting
the password and comparing it to the password in /etc/passwd is the
authentication; if you don't do the encryption, you haven't proven
anything.

(How many times am I going to have to explain this?)

Jonathan Kamens                     USnail:
MIT Project Athena                  11 Ashford Terrace
jik@Athena.MIT.EDU                  Allston, MA  02134
Office: 617-253-8495                Home: 617-782-0710
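
Added example, not part of the original post: a side-by-side of the two server-side checks the message contrasts, showing that a verifier which accepts the stored form directly turns the readable hash into the password. PBKDF2 stands in for crypt(3), and the record layout, function names and sample password are assumptions constructed for this illustration.

```python
import hashlib
import hmac
import os


def one_way(password: str, salt: bytes) -> bytes:
    # Stand-in for crypt(3) (assumption: the systems in the post used
    # DES-based crypt; PBKDF2-HMAC-SHA256 is swapped in here).
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def make_entry(password: str) -> dict:
    """Build a constructed passwd-style record: salt plus one-way hash."""
    salt = os.urandom(16)
    return {"salt": salt, "hash": one_way(password, salt)}


def verify_by_hashing(entry: dict, submitted_password: str) -> bool:
    """Server performs the one-way transform itself, then compares.
    Passing proves knowledge of the pre-image, not of the stored value."""
    candidate = one_way(submitted_password, entry["salt"])
    return hmac.compare_digest(candidate, entry["hash"])


def verify_prehashed(entry: dict, submitted_hash: bytes) -> bool:
    """The quoted proposal: the client sends the already-encrypted form.
    The stored value is now the credential itself."""
    return hmac.compare_digest(submitted_hash, entry["hash"])


def demo() -> dict:
    entry = make_entry("correct horse")  # constructed sample password
    readable = entry["hash"]             # what any reader of the file sees
    return {
        # Account owner, who knows the real password.
        "owner_hashing": verify_by_hashing(entry, "correct horse"),
        # File reader submits the stored hash as if it were the password:
        # it is hashed again and no longer matches.
        "reader_hashing": verify_by_hashing(entry, readable.hex()),
        # File reader replays the stored hash to the pre-hashed verifier.
        "reader_prehashed": verify_prehashed(entry, readable),
    }


if __name__ == "__main__":
    for check, accepted in demo().items():
        print(f"{check}: {accepted}")
```

The same reasoning is why stored hashes belong in a file only privileged processes can read, and why protocols that accept a hash-derived value as proof must treat the stored hash as a secret.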