advertisement

Weblog:   New (local) Mac OS X vulnerability : Passwords in Swap files
Subject:   A Joke?
Date:   2004-06-28 09:39:49
From:   niteshd
Response to: A Joke?

You(root) could copy my directory or my files or delete my account or do whatever you want. But an Operating System should not allow you(root) to view my plain text password so easily.



An administrator may set my initial password, but I can change it. Infact if you are a good administrator, you should recommend that users change their password the first time they log on.


I am NOT saying that root cannot do anything he or she wants. I am suggesting that an Operating System should attempt its best to not store passwords in clear text to make it so easy for root or anyone else to obtain your plain text passsword. That is the whole point behind /etc/shadow, and the reason Operating Systems these days do not store user passwords in clear text. Here's another way of thinking about it: if root can obtain user passwords in clear text anyways, what is the point of /etc/shadow? Why not just create an /etc/shadow that is readable by root and store user passwords in clear text there?
Main Topics Oldest First

Showing messages 1 through 1 of 1.

  • A Joke?
    2004-06-28 10:22:33  timharig [Reply | View]

    If I am root I can create false logins redirect web traffic to false sites etc. I do not need direct access to your password. It is an old recommendation to use a false id-password on your first login attempt to *help* prevent this kind of problem.

    If you cannot trust the system administrator then do not use his/her system. Definitly do not use the same id-password that you use for other things.

    /etc/shadow is around because some applications rely on the historical mistake of leaving /etc/passwd world readable. While the passwords are hashed, having the hashes along with the method and salt used to derive them makes it easier to brute force the passwords on a different system.
Showing messages 1 through 1 of 1.