Path: utzoo!utgpu!attcan!uunet!lll-winken!lll-lcc!ames!mailrus!uflorida!haven!adm!smoke!ibd!heilpern
From: heilpern@ibd.BRL.MIL (Mark A. Heilpern )
Newsgroups: comp.unix.wizards
Subject: Re: Password security - Another idea
Message-ID: <238@ibd.BRL.MIL>
Date: 6 Jan 89 13:29:13 GMT
References: <228@sea375.UUCP> <4497@xenna.Encore.COM> <4537@xenna.Encore.COM> <654@white.gcm> <2629@ficc.uu.net>
Reply-To: heilpern@brl.arpa (Mark A. Heilpern (IBD) )
Organization: Ballistic Research Lab (BRL), APG, MD.
Lines: 21

In article <2629@ficc.uu.net> peter@ficc.uu.net (Peter da Silva) writes:
>Because open passwords let users write utility programs that verify who you
>are. If the password file is hidden, you need to provide a password
>verification server.

1) Why must "normal" users implement this function? Surely, in the case of a
shadow password file, a setuid-to-root program will have the needed access, no?

2) Assuming a shadow password file boosts security to the Nth degree, the
getuid() call should be verification enough. Additionally, if there is no
increase in security, the password will have been breached, and the fraudulent
user will already know the password.

2a) Unless the real user just walks away from a logged in terminal, but that
is another issue.

-- 
|\/| | | | _ |<
/ \_(_(_)\_/ \______
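As an added illustration of the two points argued in the post (not code from the post or its author), the following sketches the policy a setuid-to-root verification helper would enforce on a shadow-password system: it reads the hidden hash on the caller's behalf, identifies the caller by its real uid as the post suggests, and lets an unprivileged caller verify only its own password, so the helper does not become an oracle for guessing other accounts. The passwd and shadow tables are constructed in-line so it runs offline, and PBKDF2 from hashlib stands in for crypt(3); the `$pbkdf2$...` field layout is an assumption of this example, not a real shadow format.

```python
"""Added example: a shadow-password verification helper's policy.
In a real deployment this would be a small setuid-root program reading
/etc/shadow (root-owned, mode 0640), which the invoking user cannot read.
Here the tables are constructed stand-ins and PBKDF2 replaces crypt(3)."""
import hashlib
import hmac
import os
import secrets

# Constructed stand-in for /etc/passwd: login name -> uid (world-readable on a real system)
PASSWD = {"root": 0, "alice": 1000, "bob": 1001}


def make_shadow_field(password, salt=None):
    """Build a '$pbkdf2$<iterations>$<salt-hex>$<hash-hex>' field (assumed format)."""
    salt = salt or secrets.token_bytes(16)
    iterations = 100_000
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return "$pbkdf2$%d$%s$%s" % (iterations, salt.hex(), dk.hex())


# Constructed stand-in for /etc/shadow; only the helper (running as root) may read it
SHADOW = {
    "root": make_shadow_field("correct horse battery staple"),
    "alice": make_shadow_field("hunter2"),
    "bob": "!",  # locked account: no valid hash, so no candidate can ever match
}


def check_hash(field, candidate):
    """Compare a candidate password against one shadow field in constant time."""
    parts = field.split("$")
    if len(parts) != 5 or parts[1] != "pbkdf2":
        return False  # locked ('!', '*') or unrecognised hash format
    iterations, salt_hex, hash_hex = int(parts[2]), parts[3], parts[4]
    dk = hashlib.pbkdf2_hmac("sha256", candidate.encode(), bytes.fromhex(salt_hex), iterations)
    return hmac.compare_digest(dk, bytes.fromhex(hash_hex))


def verify(user, candidate, caller_uid=None):
    """Policy of the setuid-root helper.

    The caller is identified by getuid() (the real uid survives the setuid
    transition, which is why the post says it is verification enough of who
    is asking). Only root may ask about an account other than its own, so an
    unprivileged user cannot use the helper to guess other users' passwords.
    """
    if caller_uid is None:
        caller_uid = os.getuid()
    target_uid = PASSWD.get(user)
    if target_uid is None:
        return False  # unknown account; a hardened helper would still burn a hash here
    if caller_uid != 0 and caller_uid != target_uid:
        return False  # refuse to act as an oracle for someone else's account
    return check_hash(SHADOW.get(user, "!"), candidate)


if __name__ == "__main__":
    print("alice/hunter2 as alice:", verify("alice", "hunter2", caller_uid=1000))
    print("alice/hunter2 as bob:  ", verify("alice", "hunter2", caller_uid=1001))
    print("alice/hunter2 as root: ", verify("alice", "hunter2", caller_uid=0))
```

Run as an ordinary user, `verify()` consults `os.getuid()` and will only answer for that user's own account; the three calls at the bottom pass an explicit `caller_uid` to show the policy without needing real privileges. Note that the uid restriction is what keeps the hidden file hidden: a helper that answered "is this the password for any account" would leak, through repeated queries, much of what the shadow file was meant to protect.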