Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!uunet!seismo!husc6!cmcl2!brl-adm!brl-smoke!gwyn
From: gwyn@brl-smoke.ARPA (Doug Gwyn )
Newsgroups: comp.unix.questions
Subject: Re: Passwords in /etc/group
Message-ID: <6113@brl-smoke.ARPA>
Date: Sun, 12-Jul-87 17:26:41 EDT
Article-I.D.: brl-smok.6113
Posted: Sun Jul 12 17:26:41 1987
Date-Received: Mon, 13-Jul-87 04:58:04 EDT
References: <5740010@hpfcdc.HP.COM> <207@macom1.UUCP> <3671@cisunx.UUCP> <2812@ncoast.UUCP> <3703@cisunx.UUCP>
Reply-To: gwyn@brl.arpa (Doug Gwyn (VLD/VMB) )
Organization: Ballistic Research Lab (BRL), APG, MD.
Lines: 16

In article <3703@cisunx.UUCP> nk233514@cisunx.UUCP (Deus) writes:
>After all, if they were, why would the passwd file be world readable on most
>machines?

It contains user information (name<->UID mapping, for instance) that is
of general use to nonprivileged applications.  However, having the encrypted
passwords publicly visible IS a botch, even though it seemed cute at the
time.  With modern technology it is not hard to discover several passwords
in a reasonable amount of time if the encrypted passwords are available for
inspection.  What is needed is a trusted password verifier (which might
maintain encrypted passwords as an extra level of safety, but would not have
its password database readable by untrusted programs in any case).  It would
not be hard to design such a beast and adapt the few programs and routines
that currently verify passwords.  Somebody skilled in UNIX security should
check any implementation of this idea, however, BEFORE it is used -- there
are lots of loopholes that one must be aware of and deal with.
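
The verifier idea in the article above, as an added sketch that is not part of the original post or of any real system's code: callers get only a yes/no answer, and the verifier refuses to start if its database is accessible to anyone but the owner. The class name, the `user:salt:hash` file format and the use of PBKDF2 in place of crypt(3) are assumptions made for illustration, and it addresses only these two points, not the other loopholes the post mentions.

```python
import hashlib
import hmac
import os
import stat
import tempfile

ITERATIONS = 100_000  # PBKDF2 work factor (assumed value for this sketch)

def hash_password(password: str, salt: bytes) -> bytes:
    # PBKDF2-HMAC-SHA256 stands in here for the system's password hash.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

class PasswordVerifier:
    """Hypothetical trusted verifier: callers get yes/no, never the hashes."""
    def __init__(self, db_path: str):
        # Refuse a database that group or other can read, write or execute.
        if os.stat(db_path).st_mode & (stat.S_IRWXG | stat.S_IRWXO):
            raise PermissionError(f"{db_path} is accessible to non-owners")
        self._records = {}
        with open(db_path) as fh:
            for line in fh:
                user, salt_hex, hash_hex = line.rstrip("\n").split(":")
                self._records[user] = (bytes.fromhex(salt_hex), bytes.fromhex(hash_hex))
        # Dummy record so an unknown user costs the same work as a known one.
        self._dummy = (os.urandom(16), os.urandom(32))

    def verify(self, user: str, password: str) -> bool:
        salt, expected = self._records.get(user, self._dummy)
        # Constant-time comparison; the only thing returned is a boolean.
        ok = hmac.compare_digest(hash_password(password, salt), expected)
        return ok and user in self._records

def make_demo_db(path: str, accounts: dict) -> None:
    """Write a constructed sample database, owner read/write only (0600)."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(fd, "w") as fh:
        for user, password in accounts.items():
            salt = os.urandom(16)
            fh.write(f"{user}:{salt.hex()}:{hash_password(password, salt).hex()}\n")

if __name__ == "__main__":
    path = os.path.join(tempfile.mkdtemp(), "verifier.db")
    make_demo_db(path, {"alice": "correct horse"})  # constructed account
    v = PasswordVerifier(path)
    print(v.verify("alice", "correct horse"), v.verify("alice", "guess"))
    os.chmod(path, 0o644)  # world-readable, as the passwd file is
    try:
        PasswordVerifier(path)
    except PermissionError as exc:
        print("refused:", exc)
```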