Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!tut.cis.ohio-state.edu!rutgers!bellcore!faline!thumper!ulysses!andante!alice!debra
From: debra@alice.UUCP (Paul De Bra)
Newsgroups: comp.unix.questions
Subject: Re: /etc/shadow equivalent without a source license!
Keywords: /etc/shadow, /bin/passwd, binary edit
Message-ID: <9015@alice.UUCP>
Date: 7 Mar 89 15:24:56 GMT
References: <199@tnl.UUCP> <9004@alice.UUCP> <13314@steinmetz.ge.com>
Reply-To: debra@alice.UUCP ()
Distribution: na
Organization: AT&T, Bell Labs
Lines: 24

In article <13314@steinmetz.ge.com> davidsen@crdos1.UUCP (bill davidsen) writes:
>  I don't understand this response at all. The proposal was for a file
>(/etc/shadow) which would hold the real password and be readable only to
>root, and the standard password file (/etc/password) which had the same
>info with the password replaced by 'x'. This sounds like a totally
>workable solution. I see no reason why having non-secret stuff in the
>shadow file hurts anything...

Oops, I goofed while reading the message. Sorry about that.

But, it may be a bit more tricky than you suspect though. You may want to
check which other programs look in /etc/passwd to find the password.
Like, what happens when you want to enter "maintenance mode" (in Xenix) ?
And wouldn't you want routines like getpwent() to give you the real
encrypted password when invoked by root or something?
And what about other programs that may exist and change the password file,
like chsh (don't know exactly which ones exist in Xenix). They too should
change the shadow file...

Paul.
-- 
------------------------------------------------------
|debra@research.att.com   | uunet!research!debra     |
------------------------------------------------------