Path: utzoo!mnetor!uunet!lll-winken!lll-tis!ames!pasteur!postgres!brand
From: brand@postgres.uucp (Russell L. Brand)
Newsgroups: sci.crypt
Subject: Re: Unix Password Hacker
Message-ID: <1232@pasteur.Berkeley.Edu>
Date: 4 Mar 88 22:57:22 GMT
References: <731@ddsw1.UUCP> <657@morningdew.BBN.COM> <24582@cca.CCA.COM> <281@csed-47.csed-1.UUCP> <4315@june.cs.washington.edu>
Sender: news@pasteur.Berkeley.Edu
Reply-To: brand@postgres.UUCP (Russell L. Brand)
Distribution: na
Organization: Postgres Research Group, UC Berkeley
Lines: 20

In article <4315@june.cs.washington.edu> ka@june.cs.washington.edu (Kenneth Almquist) writes:
>Suggestions like the one of read protecting the password file *and*
>encrypting it raise a red flag for me. If the encryption scheme is good,
>then read protecting the passwords is unnecessary. Similarly, if the
>read protection on the password file really works, then encrypting the
>passwords is a waste of time.

NO! When you have let someone have a root account to fix something
(perhaps the password file itself) you don't want them to casually have
access to all the passwords. Among other things, some of your users
probably have the same passwords on other machines.

Further, when a user of machine-1 wants an account on machine-2 we can
just send the encrypted passwords through less than perfectly trusted
channels and give him an account with password on machine-2. If the
passwords had to be unencrypted on machine-2 it would be *very*
inconvenient to do things like this.

-wuthel
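The two properties argued for above (a root reader of the file never sees plaintext, and a hashed entry can be carried to a second machine and still verified there) can be shown in a few lines. This is an added illustration, not code from the original post or from any Unix of the period; the user names, passwords and the two "machine" shadow tables are constructed sample data, and the entry format `$pbkdf2-sha256$<iterations>$<salt>$<hash>` is an assumption chosen for the example (historical crypt(3) used a different, much weaker scheme, but the storage-and-transfer argument is the same).

```python
"""Added example (not part of the original Usenet post).

Demonstrates why hashed passwords remain useful even when the password
file is read-protected:
  1. Someone with read access to the file sees only a salted, stretched
     hash, never the plaintext that users may reuse elsewhere.
  2. An entry can be copied from machine-1 to machine-2 over an
     untrusted channel and verified there; no plaintext ever travels.

Hash: PBKDF2-HMAC-SHA256 from the standard library.  Entry format
(assumed for this example): $pbkdf2-sha256$<iterations>$<b64 salt>$<b64 hash>
"""
import base64
import hashlib
import hmac
import os
from typing import Dict, Optional

ITERATIONS = 200_000


def make_entry(password: str, salt: Optional[bytes] = None,
               iterations: int = ITERATIONS) -> str:
    """Return a shadow-file entry for `password` (fresh random salt unless given)."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return "$pbkdf2-sha256$%d$%s$%s" % (
        iterations,
        base64.b64encode(salt).decode(),
        base64.b64encode(digest).decode(),
    )


def verify(entry: str, candidate: str) -> bool:
    """Recompute the hash from the stored salt/iterations and compare in constant time."""
    parts = entry.split("$")
    if len(parts) != 5 or parts[1] != "pbkdf2-sha256":
        return False
    _, _, iters, salt_b64, hash_b64 = parts
    salt = base64.b64decode(salt_b64)
    expected = base64.b64decode(hash_b64)
    digest = hashlib.pbkdf2_hmac("sha256", candidate.encode(), salt, int(iters))
    return hmac.compare_digest(digest, expected)


def build_shadow(users: Dict[str, str]) -> Dict[str, str]:
    """machine-1's shadow table: user name -> hashed entry (plaintext discarded)."""
    return {name: make_entry(pw) for name, pw in users.items()}


def transfer_account(shadow_src: Dict[str, str], shadow_dst: Dict[str, str],
                     user: str) -> str:
    """Copy one user's entry to machine-2; only the entry string crosses the channel."""
    shadow_dst[user] = shadow_src[user]
    return shadow_dst[user]


def plaintext_visible(shadow: Dict[str, str], password: str) -> bool:
    """What a reader of the file could learn: does any entry contain the password itself?"""
    return any(password in entry for entry in shadow.values())


if __name__ == "__main__":
    # Constructed sample users; machine-2 starts empty.
    machine1 = build_shadow({"alice": "correct horse", "bob": "hunter2"})
    machine2: Dict[str, str] = {}
    print("root can read alice's plaintext?", plaintext_visible(machine1, "correct horse"))
    transfer_account(machine1, machine2, "alice")
    print("alice logs in on machine-2:", verify(machine2["alice"], "correct horse"))
    print("wrong password on machine-2:", verify(machine2["alice"], "hunter3"))
```

Because each entry carries its own salt and iteration count, the receiving machine needs nothing beyond the entry string to verify a login, which is exactly what makes the "send the encrypted password" account-transfer workflow possible without exposing the secret in transit.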