Path: utzoo!attcan!uunet!auspex!guy
From: guy@auspex.UUCP (Guy Harris)
Newsgroups: news.sysadmin
Subject: Re: How to stop future viruses.
Message-ID: <421@auspex.UUCP>
Date: 9 Nov 88 19:42:38 GMT
References: <16722@agate.BERKELEY.EDU>
Reply-To: guy@auspex.UUCP (Guy Harris)
Organization: Auspex Systems, Santa Clara
Lines: 28

>On most Unix systems that I've seen, /etc/passwd is publicly readable.
>There is no reason for this.

Actually, there is a reason, namely:

1) there are fields in the password file that are used by other programs that need not and should not be privileged (e.g., "ls")

and

2) UNIX systems tend not to be distributed with support for "shadow" password files, with the real passwords in a non-publicly-readable file.

"/etc/passwd" should, at least in all UNIX implementations I know of, be publicly readable - doing

	chmod go-r /etc/passwd

may make your system more secure, but it will also break several programs.

(There are ways, other than a "shadow" password file, to handle this - for instance, "getpwent()" and company could make queries to a privileged server process. The point is that most UNIX systems work as they always have, reading user names, etc. from "/etc/passwd", possibly with an indirection off to something like the Yellow Pages.)
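Added example, not part of the original post: a small audit of the trade-off described above, which expects a passwd-format file to stay world-readable but to carry no password hashes. The function name, the sample entries and the treatment of "x", "*" and "!" as "no hash stored here" are assumptions of this example.

```python
import stat

SHADOWED = "x"                   # hash is kept in a separate, non-public shadow file
NO_LOGIN_PREFIXES = ("*", "!")   # assumption: these mark an unusable password

# Constructed sample in 7-field passwd format; the "hash" is a placeholder.
SAMPLE = """\
root:x:0:0:root:/root:/bin/sh
daemon:*:1:1:daemon:/:/usr/sbin/nologin
guest::405:100:guest:/home/guest:/bin/sh
olduser:ab0CONSTRUCTED:1001:100:Old User:/home/olduser:/bin/sh
+::0:0:::
"""

def audit_passwd(text, mode):
    """Return (severity, message) findings for passwd-format text and its st_mode."""
    findings = []
    if not mode & stat.S_IROTH:
        findings.append(("warn", "not world-readable: unprivileged name lookups will break"))
    if mode & (stat.S_IWGRP | stat.S_IWOTH):
        findings.append(("high", "group- or world-writable"))
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.startswith("#"):
            continue
        if line[0] in "+-":          # Yellow Pages (NIS) indirection entry
            continue
        fields = line.split(":")
        if len(fields) != 7:
            findings.append(("warn", f"line {lineno}: expected 7 fields, got {len(fields)}"))
            continue
        name, pw = fields[0], fields[1]
        if pw == SHADOWED or pw.startswith(NO_LOGIN_PREFIXES):
            continue
        if pw == "":
            findings.append(("high", f"{name}: empty password field"))
        else:
            findings.append(("high", f"{name}: password hash in publicly readable file"))
    return findings

if __name__ == "__main__":
    import os
    path = "/etc/passwd"
    with open(path) as f:
        for severity, message in audit_passwd(f.read(), os.stat(path).st_mode):
            print(f"{severity}: {message}")
```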