Path: utzoo!attcan!uunet!aplcen!uakari.primate.wisc.edu!zaphod.mps.ohio-state.edu!mips!pacbell.com!pacbell!att!ulysses!ulysses.att.com!smb
From: smb@ulysses.att.com (Steven Bellovin)
Newsgroups: comp.protocols.tcp-ip
Subject: Re: abolishing /etc/passwd (was Re: anonymous ftp, and the dangers thereof)
Message-ID: <13078@ulysses.att.com>
Date: 8 Jun 90 01:07:09 GMT
References: <9006060704.AA02343@WLV.IMSD.CONTEL.COM>
Sender: netnews@ulysses.att.com
Lines: 7

In article <9006060704.AA02343@WLV.IMSD.CONTEL.COM>, sms@WLV.IMSD.CONTEL.COM (Steven M. Schultz) writes:
> 	just a "thought" - if the (shadow)file is non-world readable and the
> 	system is administered "correctly" then why bother with
> 	encryption at all ;-)

Go back and read the Morris/Thompson paper.  Basically, files can leak,
due to carelessness, bugs, hard-copy terminals, backup tapes, etc.