Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!csd4.milw.wisc.edu!lll-winken!xanth!ukma!rutgers!att!ulysses!andante!alice!debra
From: debra@alice.UUCP (Paul De Bra)
Newsgroups: comp.unix.questions
Subject: Re: /etc/shadow equivalent without a source license!
Keywords: /etc/shadow, /bin/passwd, binary edit
Message-ID: <9004@alice.UUCP>
Date: 5 Mar 89 16:50:28 GMT
References: <199@tnl.UUCP>
Reply-To: debra@alice.UUCP ()
Distribution: na
Organization: AT&T, Bell Labs
Lines: 25

In article <199@tnl.UUCP> norstar@tnl.UUCP (Daniel Ray) writes:
>Hello everybody. I am trying to hack together a working equivalent to
>the /etc/shadow scheme of unreadable passwords. I run a XENIX 386 v2.2.3
>system, and only have a binary license. Working with the 'bpatch' binary
>editor, I was planning to substitute the word 'shadow' for 'passwd' in
>the text string appearances of '/etc/passwd' in the compiled object files
>for: /bin/passwd, /etc/login, and /bin/su. (Then I would have cron periodic-
>ally copy /etc/shadow to /etc/passwd except that the 2nd field would be
>an 'x' in the public /etc/passwd version, while the real passwd file would
>be /etc/shadow).
>...

Wait a minute... this is not a useful way to implement /etc/shadow.
The idea of /etc/shadow is to have a publicly accessible /etc/passwd that
does not contain the (encrypted) passwords. /etc/shadow only contains the
login and encrypted passwords (and possibly some other secret stuff).
It is to prevent password hacking that the password should be in the
unreadable file. I don't see much use for your copy of /etc/passwd.
Maybe you want to reconsider the whole idea?

Paul.
-- 
------------------------------------------------------
|debra@research.att.com   | uunet!research!debra     |
------------------------------------------------------