Path: utzoo!attcan!uunet!cs.utexas.edu!usc!ucsd!ucbvax!PICA.ARMY.MIL!drears
From: drears@PICA.ARMY.MIL ("Dennis G. Rears ", FSAC)
Newsgroups: comp.protocols.tcp-ip
Subject: Re: abolishing /etc/passwd (was Re: anonymous ftp, and the dangers thereof)
Message-ID: <9006071619.aa00500@CAESAR.PICA.ARMY.MIL>
Date: 7 Jun 90 20:19:03 GMT
Sender: daemon@ucbvax.BERKELEY.EDU
Organization: The Internet
Lines: 24

"Steven M. Schultz" writes:
>
>>From: att!cbnewsh!wcs@ucbvax.Berkeley.EDU (Bill Stewart erebus.att.com!wcs)
>>References: <6703@blake.acs.washington.edu>, <28764@ut-emx.UUCP>
>>
>>   /etc/passwd has become the traditional location for user-info
>>   other than passwords, so of course it needs to be kept,
>>   but I agree with the shadow-password approach that puts
>>   (encrypted) passwords in a non-world-readable file.
>
> just a "thought" - if the (shadow)file is non-world readable and the
> system is administered "correctly" then why bother with
> encryption at all ;-)

   Just in case one of the system admins is a bad guy or becomes a bad guy. I have three passwords for 30+ systems, of which I administer only 12. If my password were available in the clear to the system administrators on the other machines, they would have my passwords to all my accounts, which is not a good idea.

   Also, what do you do when you fire a system administrator for bad conduct? If he had access to those clear passwords, every password would have to be changed.

Dennis
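The point Dennis is making, as an added example that is not part of the original thread: even when the shadow file is non-world-readable, the stored passwords should be one-way, salted hashes, so an administrator who can read the file on one host learns nothing usable on the other hosts where the same password is reused, and nothing has to be rotated when that administrator leaves. The record format (`$pbkdf2-sha256$iterations$salt$hash`), the iteration count and the function names below are this example's own conventions, not any system's real `/etc/shadow` layout, and the sample user and password are constructed.

```python
"""
Shadow-style password store that keeps salted one-way hashes, not cleartext.

Added example (not code from the original Usenet thread). The record
format '$pbkdf2-sha256$iters$salt$hash' and the function names are this
example's own conventions, not a real /etc/shadow format.
"""
import base64
import hashlib
import hmac
import os
from typing import Optional, Tuple

# Key-derivation parameters. Assumed values for the example; a real
# deployment tunes the iteration count to its hardware.
HASH_ALGO = "sha256"
ITERATIONS = 200_000
SALT_BYTES = 16


def _b64(data: bytes) -> str:
    return base64.b64encode(data).decode("ascii")


def _unb64(text: str) -> bytes:
    return base64.b64decode(text.encode("ascii"))


def make_shadow_entry(user: str, password: str, salt: Optional[bytes] = None) -> str:
    """Return one shadow-style line: 'user:$pbkdf2-sha256$iters$salt$hash'.

    A fresh random salt is drawn per entry, so the same password stored on
    two hosts yields two unrelated records.
    """
    if salt is None:
        salt = os.urandom(SALT_BYTES)
    digest = hashlib.pbkdf2_hmac(HASH_ALGO, password.encode("utf-8"), salt, ITERATIONS)
    return f"{user}:$pbkdf2-{HASH_ALGO}${ITERATIONS}${_b64(salt)}${_b64(digest)}"


def parse_shadow_entry(line: str) -> Tuple[str, str, int, bytes, bytes]:
    """Split a line from make_shadow_entry into (user, algo, iters, salt, hash).

    Raises ValueError on malformed input instead of guessing.
    """
    user, _, spec = line.partition(":")
    if not user or not spec.startswith("$"):
        raise ValueError("malformed shadow entry")
    fields = spec.split("$")          # fields[0] is '' (text before the leading '$')
    if len(fields) != 5 or not fields[1].startswith("pbkdf2-"):
        raise ValueError("unsupported or malformed hash spec")
    algo = fields[1][len("pbkdf2-"):]
    iterations = int(fields[2])
    return user, algo, iterations, _unb64(fields[3]), _unb64(fields[4])


def verify_password(line: str, candidate: str) -> bool:
    """Check a login attempt against one entry, comparing in constant time."""
    _, algo, iterations, salt, stored = parse_shadow_entry(line)
    computed = hashlib.pbkdf2_hmac(algo, candidate.encode("utf-8"), salt, iterations)
    return hmac.compare_digest(computed, stored)


def records_reveal_reuse(line_a: str, line_b: str) -> bool:
    """What an admin comparing two hosts' entries can tell: nothing.

    With independent salts, identical passwords produce unrelated hashes,
    so this returns False even when the user did reuse the password.
    """
    hash_a = parse_shadow_entry(line_a)[4]
    hash_b = parse_shadow_entry(line_b)[4]
    return hash_a == hash_b


if __name__ == "__main__":
    # Constructed sample: one user with the same password on two hosts.
    secret = "correct horse battery staple"
    host_a = make_shadow_entry("drears", secret)
    host_b = make_shadow_entry("drears", secret)
    print(host_a)
    print(host_b)
    print("login on host A with real password:", verify_password(host_a, secret))
    print("login on host A with wrong password:", verify_password(host_a, "wrong"))
    print("entries expose cross-host reuse:", records_reveal_reuse(host_a, host_b))
```

An administrator who copies either line gets a salt and a hash that verify only on the host that issued them and that cannot be turned back into the password, which is why firing that administrator does not force a site-wide password change. The per-entry random salt also denies the weaker inference that the same password is in use on two machines.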