Xref: utzoo comp.unix.questions:22782 alt.security:799
Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!uunet!snorkelwacker!bloom-beacon!athena.mit.edu!jik
From: jik@athena.mit.edu (Jonathan I. Kamens)
Newsgroups: comp.unix.questions,alt.security
Subject: Re: How secure is UNIX?
Keywords: Security, ftp
Message-ID: <1990Jun8.175747.18776@athena.mit.edu>
Date: 8 Jun 90 17:57:47 GMT
References: <1990Jun4.102422.12896@agate.berke <1752@necis <1990Jun5.152004.15873@agate.berkeley.edu> <1990Jun7.161215.27328@chinet.chi.il.us> <1990Jun8.154523.5102@agate.berkeley.edu>
Sender: news@athena.mit.edu (News system)
Reply-To: jik@athena.mit.edu (Jonathan I. Kamens)
Organization: Massachusetts Institute of Technology
Lines: 47

In article <1990Jun8.154523.5102@agate.berkeley.edu>,
dankg@tornado.Berkeley.EDU (Dan KoGai) writes:
|> 	One of my accounts did:  Not this OCF account.  But losing files
|> are rather small problems.  What if your root password is illegally changed
|> by someone else?  If so unless you can replace /etc/passwd or yp, you can't
|> get back to root again (replace whole disk with carbon-copy image of
previous
|> backup?).

  Please do not try to post authoritatively about things concerning
which you are not an authority.

  There are very few Unix systems on which a system administrator with
the necessary access can't log on as the superuser, even if he doesn't
know the root password, as long as the machine is intact enough to boot
into single-user mode.

|> 	As long as we depend on crypt() to encrypt password and password file
|> is open to public, unix can never be secure enough--I wrote a 10-line C code
|> to crack it and successfully found my own password (Thank god this method
|> doesn't apply on Apollo where my OCF account resides but works any with
|> /etc/passwd.  And easily extendable to yp).  It took horrible time but this
|> kind of time is nothing compared to the prize it guarantees).

  I am becoming more and more convinced that you're flaming without much
justification about something about which you know little, and frankly,
it's getting a little irritating.

  Well-chosen passwords *are* secure enough in almost all situations,
even when the /etc/passwd file is world-readable.  The fact that you
wrote a C program to crack passwords and it successfully found yours
just means that your password was not well-chosen.  You can't blame Unix
for that.

|> 	I'm not at all UNIX guru but all I needed was how password protection
|> was implemented and decent C knowledge--both accessible.  We should at very
|> least separate encrypted password from finger entries.  And if possible,
|> replace dummy crypt() with something else--we don't need much speed for
|> login process, do we?

  Actually, I consider fast log-in time to be one of the most important
features in any given system.

Jonathan Kamens			              USnail:
MIT Project Athena				11 Ashford Terrace
jik@Athena.MIT.EDU				Allston, MA  02134
Office: 617-253-8495			      Home: 617-782-0710