Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!uunet!van-bc!ubc-cs!pphillip
From: pphillip@cs.ubc.ca (Peter Phillips)
Newsgroups: comp.sys.apollo
Subject: Re: security problems
Message-ID: <8481@ubc-cs.UUCP>
Date: 29 Jun 90 02:31:58 GMT
References: <9006281331.AA07122@richter.mit.edu> <1990Jun28.144947.13139@terminator.cc.umich.edu>
Sender: news@cs.ubc.ca
Organization: University of British Columbia, Vancouver, B.C., Canada
Lines: 36

In article <1990Jun28.144947.13139@terminator.cc.umich.edu> rees@citi.umich.edu (Jim Rees) writes:
>In article <9006281331.AA07122@richter.mit.edu>,
>krowitz%richter@UMIX.CC.UMICH.EDU (David Krowitz) writes:

...[ stuff about CBW deleted ]...

> > I don't see much that an average
> > system administrator can do about Unix password encryption since
> > the *&^%!!! system puts the ^%%HASD&^%%%!!! passwords in a file
> > which *MUST* be publicly readable ... it's things like this that
> > make me *HATE* Unix.
>
>I think the rationale is that you shouldn't depend on hiding passwords for
>security, and that making the password file world readable forces you to use
>a secure encryption method instead.  I agree that this is a pain and should
>be changed.

World readable or not, you had better use a secure encryption method.
The password file might not be readable but that doesn't mean the
contents are invisible to everyone.  A bug in the OS might inadvertently
allow users to trivially read the contents.  Or, a piece of paper
containing password information might be found in a dumpster.  Or perhaps
the paging system can be manipulated to look at files.  Who knows?  If the
method of encryption isn't secure enough then the system isn't secure
regardless of the permissions on the password file.

The real problem is users who pick poor passwords.  Having a world
readable password file does make it easier for a cracker to do high-speed
automated guessing but hiding the file doesn't prevent guessing, it just
slows it down a bit.
Check out alt.security for some good discussions of the pros and cons of
hiding the password file.

---
Peter Phillips, UBC Computer Science,
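The "high-speed automated guessing" the post describes, as an added example that is not part of the original post nor of CBW or any other tool mentioned in the thread: a small dictionary audit run over a constructed /etc/passwd-style file. It assumes a stand-in hash (a two-character salt plus SHA-256, used instead of the DES-based crypt(3) so the example runs without the crypt module), and the accounts, passwords and wordlist are all invented here. The mechanics are the ones the post argues about: once the hash field is in hand, each guess costs one hash computation and never touches the login program, and the accounts that fall are the ones with poor passwords, not the ones with a strong hash.

```python
import hashlib
import hmac

# Stand-in for crypt(3): two-character salt, then hex(sha256(salt + password)).
# This is an assumption of the example, not the real DES-based crypt; the
# attack mechanics (take the stored salt, hash the guess, compare) are identical.
def make_hash(salt: str, password: str) -> str:
    return salt + "$" + hashlib.sha256((salt + password).encode()).hexdigest()


# Constructed /etc/passwd-style lines (name:hash:uid:gid:gecos:home:shell).
# Users, passwords and fields are invented for the example.
SAMPLE_PASSWD = "\n".join([
    "root:" + make_hash("ab", "Zt8#q!wLp2Rv") + ":0:0:root:/:/bin/sh",
    "krowitz:" + make_hash("cd", "password") + ":101:20:David:/u/krowitz:/bin/csh",
    "rees:" + make_hash("ef", "Apollo1") + ":102:20:Jim:/u/rees:/bin/sh",
    "guest::200:20:guest:/tmp:/bin/sh",   # empty hash field: no password at all
])

# Constructed wordlist; a real audit would use a dictionary of many thousands.
WORDLIST = ["secret", "password", "apollo", "unix", "letmein"]


def parse_passwd(text: str):
    """Yield (user, hash_field) for each non-empty passwd line."""
    for line in text.splitlines():
        if not line.strip():
            continue
        fields = line.split(":")
        yield fields[0], fields[1]


def candidates(word: str):
    """Cheap mutation rules of the kind crackers apply to each dictionary word."""
    base = [word, word.capitalize(), word.upper()]
    for b in base:
        yield b
    for b in base:
        for d in "0123456789":
            yield b + d


def check_guess(hash_field: str, guess: str) -> bool:
    """Re-hash the guess with the stored salt and compare to the stored hash."""
    salt = hash_field.partition("$")[0]
    return hmac.compare_digest(make_hash(salt, guess), hash_field)


def audit(text: str, wordlist) -> dict:
    """Return {user: recovered_password} for every account the wordlist breaks.

    An empty hash field is reported as '' (the account has no password).
    Accounts that survive the wordlist are absent from the result.
    """
    found = {}
    for user, hash_field in parse_passwd(text):
        if hash_field == "":
            found[user] = ""
            continue
        for word in wordlist:
            hit = next((c for c in candidates(word) if check_guess(hash_field, c)), None)
            if hit is not None:
                found[user] = hit
                break
    return found


if __name__ == "__main__":
    for user, pw in audit(SAMPLE_PASSWD, WORDLIST).items():
        print(user, repr(pw) if pw else "(no password)")
```

Run as a script it reports krowitz, rees and guest and says nothing about root: the only thing protecting root here is the password itself, which is exactly the post's point. Hiding the file would have forced these guesses through the login program one at a time, which slows the attacker down but does not change which accounts fall.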