Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!cornell!batcomputer!itsgw!steinmetz!davidsen
From: davidsen@steinmetz.ge.com (William E. Davidsen Jr)
Newsgroups: comp.unix.questions
Subject: Re: /etc/shadow equivalent without a source license!
Keywords: /etc/shadow, /bin/passwd, binary edit
Message-ID: <13314@steinmetz.ge.com>
Date: 6 Mar 89 19:28:03 GMT
References: <199@tnl.UUCP> <9004@alice.UUCP>
Reply-To: davidsen@crdos1.UUCP (bill davidsen)
Distribution: na
Organization: General Electric CRD, Schenectady, NY
Lines: 31

In article <9004@alice.UUCP> debra@alice.UUCP () writes:

| Wait a minute... this is not a useful way to implement /etc/shadow.
| The idea of /etc/shadow is to have a publicly accessible /etc/passwd that
| does not contain the (encrypted) passwords. /etc/shadow only contains the
| login and encrypted passwords (and possibly some other secret stuff).
| It is to prevent password hacking that the password should be in the
| unreadable file. I don't see much use for your copy of /etc/passwd.
| Maybe you want to reconsider the whole idea?

  I don't understand this response at all. The proposal was for a file
(/etc/shadow) which would hold the real password and be readable only to
root, and the standard password file (/etc/password) which had the same
info with the password replaced by 'x'. This sounds like a totally
workable solution. I see no reason why having non-secret stuff in the
shadow file hurts anything...

  I just looked with a binary patch editor and found 4404 in the
/bin/passwd program. Now I'll create a small dummy filesystem, patch the
programs su, login, and passwd, and test under chroot. When I feel brave
I'll actually install them.

  Totally great idea. The files only have to be copied when a uid is
added/deleted, or comments, etc, are changed. Obviously chsh and friends
will have to change if you have them.

================ Maybe SCO could pick up this idea - HINT ================
--
	bill davidsen		(wedu@ge-crd.arpa)
  {uunet | philabs}!steinmetz!crdos1!davidsen
"Stupidity, like virtue, is its own reward" -me
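
The two-file layout discussed in the post, as an added example that is not part of the original article or any vendor's code: it builds the public copy with the password field replaced by 'x', keeps the full entries for the root-only file, and audits the pair for leaked hashes or drift. It assumes the classic seven-field passwd format; the function names are hypothetical and the sample entries are constructed.

```python
import os

PLACEHOLDER = "x"   # what the post puts in the public password field
NFIELDS = 7         # name:passwd:uid:gid:gecos:home:shell

# Constructed sample entries; the 13-character strings are made-up stand-ins for crypt(3) output.
MASTER = ("root:Ab3dEfGhIjKlM:0:0:Super User:/:/bin/sh\n"
          "bill:Zz9yXwVuTsRqP:201:50:Bill:/usr/bill:/bin/csh\n"
          "guest::300:50:Guest:/usr/guest:/bin/sh\n")

def parse(text):
    """Return {login: fields}; reject malformed or duplicate entries."""
    entries = {}
    for n, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        f = line.split(":")
        if len(f) != NFIELDS or not f[0] or f[0] in entries:
            raise ValueError(f"line {n}: malformed or duplicate entry")
        entries[f[0]] = f
    return entries

def split(master):
    """Return (public, shadow) text; shadow keeps every field, as the post proposes."""
    rows = parse(master).values()
    shadow = "".join(":".join(f) + "\n" for f in rows)
    public = "".join(":".join([f[0], PLACEHOLDER] + f[2:]) + "\n" for f in rows)
    return public, shadow

def write(path, text, mode):
    """Write text to path with the given mode (0o600 for the shadow copy)."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, mode)
    os.fchmod(fd, mode)  # tighten a pre-existing file before any hash is written
    with os.fdopen(fd, "w") as fh:
        fh.write(text)

def audit(public, shadow):
    """Report leaked password fields and drift between the two copies."""
    pub, sha = parse(public), parse(shadow)
    out = []
    for name, f in pub.items():
        if f[1] != PLACEHOLDER:
            out.append(f"{name}: public password field is not '{PLACEHOLDER}'")
        if name not in sha:
            out.append(f"{name}: missing from shadow")
        elif f[2:] != sha[name][2:]:
            out.append(f"{name}: non-password fields differ")
    return out + [f"{n}: missing from public" for n in sha if n not in pub]
```

Running `audit` after every account change catches the case the post mentions, where the copies must be refreshed when a uid is added or deleted.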