Xref: utzoo sci.crypt:1401 comp.unix.wizards:13584 news.sysadmin:1969
Path: utzoo!utgpu!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!mailrus!husc6!ogccse!blake!uw-beaver!microsoft!w-colinp
From: w-colinp@microsoft.UUCP (Colin Plumb)
Newsgroups: sci.crypt,comp.unix.wizards,news.sysadmin
Subject: Re: Yet Another useful paper
Message-ID: <110@microsoft.UUCP>
Date: 20 Dec 88 03:41:18 GMT
References: <11013@ulysses.homer.nj.att.com> <2308@cuuxb.ATT.COM> <4420@xenna.Encore.COM> <2743@epimass.EPI.COM>
Reply-To: w-colinp@microsoft.UUCP (Colin Plumb)
Organization: Microsoft Corp., Redmond WA
Lines: 23
Confusion: Microsoft Corp., Redmond WA

In article <2743@epimass.EPI.COM> jbuck@epimass.EPI.COM (Joe Buck) writes:
>Irrelevant, because not all passwords are equally probable.

This is true, but that's the system administrator's problem. As soon as you go beyond simple derivatives of words (transposition, random capitalisation, etc.), there is no word list a password cracker can use, and brute-force search is the only way. My general rule is that a password must be something which has never, to the best of your knowledge, been written down anywhere in the world.

My objection to shadow password files is that the layer of security they provide relies on the unreadability of the file by non-root people. Unix is not particularly secure this way. There are probably half a dozen ways to get a copy of a root-read-only file on any Unix system; the bugs don't help you do anything nastier than forge mail (L.sys), so aren't pursued with any great alacrity.

Come on, don't you know a suid program that doesn't check its input files' permissions properly and obligingly spits it out (perhaps slightly mangled) as output?
-- 
-Colin (uunet!microsof!w-colinp)