Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!csd4.milw.wisc.edu!leah!itsgw!steinmetz!uunet!uvm-gen!tnl!norstar From: norstar@tnl.UUCP (Daniel Ray) Newsgroups: comp.unix.questions Subject: /etc/shadow equivalent without a source license! Keywords: /etc/shadow, /bin/passwd, binary edit Message-ID: <199@tnl.UUCP> Date: 5 Mar 89 00:49:15 GMT Distribution: na Organization: The Northern Lights, Burlington VT Lines: 33 Hello everybody. I am trying to hack together a working equivalent to the /etc/shadow scheme of unreadable passwords. I run a XENIX 386 v2.2.3 system, and only have a binary license. Working with the 'bpatch' binary editor, I was planning to substitute the word 'shadow' for 'passwd' in the text string appearances of '/etc/passwd' in the compiled object files for: /bin/passwd, /etc/login, and /bin/su. (Then I would have cron periodic- ally copy /etc/shadow to /etc/passwd except that the 2nd field would be an 'x' in the public /etc/passwd version, while the real passwd file would be /etc/shadow). I think I could have made the scheme work except for one thing: /bin/passwd does a chmod("/etc/passwd",444); somewhere before exiting, which is quite proper for a PUBLIC passwd file. Only I want it to leave the mode as 400 for the substituted PRIVATE shadow file. My question is: is there a way to use 'bpatch' on /bin/passwd so that I can edit the mode 444 to mode 400. How would I identify the hex bytes that do this chmod?? Is this more trouble than its worth (maybe I should find or write my own /bin/passwd ???). I wish SCO and other UNIX sellers would include the source code for these security-related programs as they do for the UUCP dial program...as it stands now I'd have to fork over $60000 for the privilege! oh well.. Thanks if anyone can assist me in this! dan norstar The Northern Lights, Burlington Vermont | Futility, like tnl dialins: 802-865-3614 at 300-2400 bps. ` | / suffering, is ------------------------------------------ --- * --- a *hell* of a uucp: uunet!uvm-gen!tnl!norstar or / | . lot of fun! {decvax,linus}!dartvax!uvm-gen!tnl!norstar | (Try it you'll like it!!)