Path: utzoo!attcan!uunet!auspex!guy
From: guy@auspex.UUCP (Guy Harris)
Newsgroups: comp.unix.wizards
Subject: Re: /etc/shadow
Message-ID: <461@auspex.UUCP>
Date: 16 Nov 88 22:45:42 GMT
References: <8871@smoke.BRL.MIL> <10187@swan.ulowell.edu>
Reply-To: guy@auspex.UUCP (Guy Harris)
Organization: Auspex Systems, Santa Clara
Lines: 13

>2:  Write a server (passwdd) to accept connections from clients
>    who request the password entry for a given user
>3:  Re-write getpw{ent,uid,nam} to connect to the client
>4:  Re-compile everything that uses getpw{ent,uid,nam}

Sounds like you've just invented Yellow Pages....

SunOS 4.0 has, in its "C2 secure" mode, a shadow password file, as well
as an RPC-based "password validation" server.  The latter is the way you
let non-privileged programs match passwords; I suspect you send the
encrypted password over the wire and ask it "does this match the
encrypted password for user 'x'?"  This is a similar approach to the
"privileged password validation" utility Doug suggested.