Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!uwm.edu!zaphod.mps.ohio-state.edu!think!barmar
From: barmar@think.com (Barry Margolin)
Newsgroups: comp.unix.questions
Subject: Re: passwds and crypt(3)...
Message-ID: <32537@news.Think.COM>
Date: 2 Jan 90 00:45:24 GMT
References: <21911@adm.BRL.MIL>
Sender: news@Think.COM
Organization: Thinking Machines Corporation, Cambridge MA, USA
Lines: 22

In article <21911@adm.BRL.MIL> AGRISCS@umcvmb.missouri.edu (Don Ingli) writes:
>Anyway, I guess what I am trying to say is that maybe UNIX should place the
>SHADOW file somewhere on the disk, but not in a file....

It's been suggested before. What makes you think storing it on the
disk is any more secure than a file? The disk can be accessed as
/dev/. The access control on this is no more secure than that
provided for /etc/shadow -- if someone can get superuser access then
they'd be able to read both of them. On the other hand, having a
separate /etc/shadow allows its group permission to be used; passwd
could be setgid to its group rather than setuid root.

Also, taking the password database out of the file system means that
it won't be backed up by current backup tools. All the backup
facilities would have to be updated to dump the password partition.

--
Barry Margolin, Thinking Machines Corp.
barmar@think.com
{uunet,harvard}!think!barmar
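
The comparison made in the post above, as an added example that is not part of the original post: one permission test applied to both the shadow file and the disk node that holds it, plus a check of whether the password helper is setuid root or setgid to the shadow file's group. The device name, gid 42, the helper path and the rule that a setgid helper needs group read are assumptions of this example.

```python
import os
import stat

def from_path(path):
    """Build an audit tuple (path, st_mode, st_uid, st_gid) from a live system."""
    st = os.stat(path)
    return (path, st.st_mode, st.st_uid, st.st_gid)

def other_access(mode):
    """True if the 'other' class may read or write the object."""
    return bool(stat.S_IMODE(mode) & (stat.S_IROTH | stat.S_IWOTH))

def audit(shadow, disk, helper):
    """Return findings for a shadow file, the disk node that holds it,
    and the password-changing helper. Each argument is an audit tuple."""
    findings = []
    # A readable disk node exposes the same bytes as a readable shadow file,
    # so both get the same test.
    for path, mode, _uid, _gid in (shadow, disk):
        if other_access(mode):
            findings.append(f"{path}: accessible to other")
    _s_path, s_mode, _s_uid, s_gid = shadow
    h_path, h_mode, h_uid, h_gid = helper
    if h_mode & stat.S_ISUID and h_uid == 0:
        findings.append(f"{h_path}: setuid root")
    elif h_mode & stat.S_ISGID:
        # Assumption of this example: a setgid helper needs the shadow file's
        # group and at least group read on it.
        if h_gid != s_gid or not s_mode & stat.S_IRGRP:
            findings.append(f"{h_path}: setgid, but not to a group that can read the shadow file")
    return findings

# Constructed sample values; gid 42 and the device name are placeholders.
SHADOW = ("/etc/shadow", stat.S_IFREG | 0o640, 0, 42)
DISK_LOOSE = ("/dev/EXAMPLE_DISK", stat.S_IFBLK | 0o644, 0, 6)
DISK_TIGHT = ("/dev/EXAMPLE_DISK", stat.S_IFBLK | 0o640, 0, 6)
HELPER_SETUID = ("/usr/bin/passwd", stat.S_IFREG | 0o4755, 0, 0)
HELPER_SETGID = ("/usr/bin/passwd", stat.S_IFREG | 0o2755, 0, 42)

if __name__ == "__main__":
    for line in audit(SHADOW, DISK_LOOSE, HELPER_SETUID):
        print(line)
```

To audit a real host, pass from_path() results for the actual shadow file, disk node and helper instead of the constructed tuples.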