Path: utzoo!attcan!uunet!pdn!larry
From: larry@pdn.UUCP (Larry Swift)
Newsgroups: comp.protocols.tcp-ip
Subject: Re: shadow passwords?
Message-ID: <4871@pdn.UUCP>
Date: 9 Nov 88 13:26:23 GMT
References: <8811080049.AA07509@gyre.umd.edu>
Reply-To: larry@pdn.UUCP (0000-Larry Swift)
Organization: Paradyne Corporation, Largo, Florida
Lines: 26

In article <8811080049.AA07509@gyre.umd.edu> chris@GYRE.UMD.EDU (Chris Torek) writes:
>It seems the phrase `shadow password file' is not well known, so here
>is a definition:
>
>It means the encrypted passwords themselves (and any other `sensitive'
>information) is not kept in /etc/passwd, which is readable by everyone,
>but rather in some other file that is not readable except by root
>(and/or by other privilege of your choice).  The typical implementation
>is to rename the real password file /etc/passwd as something else
>(e.g., /etc/pw.shadow), and replace /etc/passwd with a copy that has
>the password field replaced with something unusable (`*').  Programs
>that really need a user's password run privileged, and are changed to
>refer to the shadow file; others use the usual file, but have no access
>to the encrypted password.  Updates must happen to both files.
                             ^^^^^^^
Updates of what??  Passwords?

You still haven't explained what use /etc/passwd is, especially if the
passwords in it are unusable!

(I'm not a Unix guru, but curious nevertheless.)

Larry Swift                     UUCP: {peora,uunet}!pdn!larry
Paradyne Corp., LF-207          Phone: (813) 530-8605
P. O. Box 2826
Largo, FL, 34649-9981           She's old and she's creaky, but she holds!