Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10 5/3/83; site ukc.UUCP
Path: utzoo!linus!decvax!genrad!mit-eddie!mit-vax!eagle!mhuxt!mhuxi!mhuxa!houxm!hogpc!houti!ariel!vax135!ukc!pc
From: pc@ukc.UUCP
Newsgroups: net.unix-wizards
Subject: Security
Message-ID: <3852@ukc.UUCP>
Date: Fri, 8-Jul-83 05:56:34 EDT
Article-I.D.: ukc.3852
Posted: Fri Jul 8 05:56:34 1983
Date-Received: Sat, 9-Jul-83 13:37:39 EDT
Organization: Computing Lab. Kent University, England
Lines: 25

If people are REALLY WORRIED about the decryption of passwords why not move the passwords to another file, which is read-only by root. After all only passwd and login need to access the file and both of them are setuid.

At UKC, we have user populations of 600-700 and have totally replaced the password file by a binary file with some integral number of bytes per user. This means that random access can be used to access an individual entry. Other keys to the password file (such as login name and in our case the user's system id) are abstracted to a set of very small files which are kept in uid order - these files can be opened and searched very easily.

For compatibility purposes we generate /etc/passwd every night (with no passwords) and passwords are never printed even in their encrypted form.

One of the benefits of a binary password file is that the record for each user can be much bigger. We currently store a set of limits which are applied at login time and we plan to put in the set of groups which can be used for 4.1c/4.2.

Peter Collinson
{mcvax, vax135} !ukc!pc
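
The layout described in the post above, as an added example that is not part of the original article and is not UKC's code: fixed-size records in an owner-only file, so a lookup is a single positioned read. Indexing the file by uid, the record fields, the function names and the file name are all assumptions made for illustration.

```c
#define _XOPEN_SOURCE 700
#include <fcntl.h>
#include <stdint.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical fixed-size record; the post does not give UKC's real layout. */
struct pwrec {
    uint32_t in_use;     /* 0 = empty slot, which is also how a file hole reads */
    uint32_t cpu_limit;  /* example of a per-user limit applied at login time */
    char     name[16];   /* login name, NUL padded */
    char     hash[64];   /* password hash; never copied into /etc/passwd */
};

/* Open or create the store with owner-only access (root, in the post). */
int pw_open(const char *path)
{
    int fd = open(path, O_RDWR | O_CREAT | O_NOFOLLOW, 0600);
    if (fd < 0) return -1;
    /* Force mode 0600 even if the file already existed with looser bits. */
    if (fchmod(fd, S_IRUSR | S_IWUSR) != 0) { close(fd); return -1; }
    return fd;
}

/* Write uid's record at byte offset uid * sizeof(record). */
int pw_put(int fd, uid_t uid, const struct pwrec *in)
{
    struct pwrec r = *in;
    r.in_use = 1;
    r.name[sizeof r.name - 1] = '\0';
    r.hash[sizeof r.hash - 1] = '\0';
    off_t off = (off_t)uid * (off_t)sizeof r;
    return pwrite(fd, &r, sizeof r, off) == (ssize_t)sizeof r ? 0 : -1;
}

/* One positioned read per lookup; -1 for an empty slot or a uid past EOF. */
int pw_get(int fd, uid_t uid, struct pwrec *out)
{
    off_t off = (off_t)uid * (off_t)sizeof *out;
    ssize_t n = pread(fd, out, sizeof *out, off);
    return (n == (ssize_t)sizeof *out && out->in_use) ? 0 : -1;
}

int main(void)
{   /* Constructed sample: store uid 650, then read it back. */
    struct pwrec in = { 0, 300, "pc", "constructed-hash" }, out;
    int fd = pw_open("pwstore_demo.bin");
    if (fd < 0 || pw_put(fd, 650, &in) != 0) return 1;
    return pw_get(fd, 650, &out) == 0 && out.cpu_limit == 300 ? 0 : 1;
}
```

Unprivileged programs that only need names and uids would keep reading the nightly generated /etc/passwd, while only the setuid programs open this file.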