Xref: utzoo sci.crypt:1404 comp.unix.wizards:13597 news.sysadmin:1971
Newsgroups: sci.crypt,comp.unix.wizards,news.sysadmin
Path: utzoo!henry
From: henry@utzoo.uucp (Henry Spencer)
Subject: Re: Yet Another useful paper
Message-ID: <1988Dec21.193752.17888@utzoo.uucp>
Organization: U of Toronto Zoology
References: <11013@ulysses.homer.nj.att.com> <2308@cuuxb.ATT.COM> <4420@xenna.Encore.COM> <2743@epimass.EPI.COM> <110@microsoft.UUCP>
Date: Wed, 21 Dec 88 19:37:52 GMT

In article <110@microsoft.UUCP> w-colinp@microsoft.UUCP (Colin Plumb) writes:
>My objection to shadow password files is that the layer of security they
>provide relies on the unreadability of the file by non-root people.
>Unix is not particularly secure this way...

This does somewhat depend on how alert the sysadmin is.  However, I think
you're missing a point:  shadow password files do add one more layer of
complication for would-be crackers.  There is no such thing as perfect
security, just ways of making life harder for the bad guys.
-- 
"God willing, we will return." |     Henry Spencer at U of Toronto Zoology
-Eugene Cernan, the Moon, 1972 | uunet!attcan!utzoo!henry henry@zoo.toronto.edu