Path: utzoo!utgpu!water!watmath!clyde!att!rutgers!gatech!uflorida!beach.cis.ufl.edu!jmb
From: jmb@beach.cis.ufl.edu (John M Boof)
Newsgroups: comp.os.vms
Subject: Re: creating a file in my account from another userid.
Summary: Don't hard-code unhashed passwords in ANY file on the system.
Message-ID: <16542@uflorida.cis.ufl.EDU>
Date: 10 Jul 88 12:00:41 GMT
References: <8807061616.AA01095@ucbvax.Berkeley.EDU>
Sender: news@uflorida.cis.ufl.EDU
Reply-To: jmb@beach.cis.ufl.edu ()
Organization: UF CIS Department
Lines: 41

( Geoffrey has a program as part of a BBS program which opens files with his username and password through a network connection. His password is contained in the code, but nobody there has figured out how to find it yet... )

Hard-coding your password in a program IS highly dangerous, especially when you are letting many people run the program. A mistake such as opening the file to read access for these people would leave your password out 'in the middle of the road', unless you have encoded it within your code. Even then, the debugger, or other methods, can be used to find the location of the password when you store it after decoding it. Besides all that, no file can be completely safe from access, and this is basically why no security-conscious systems store passwords in their original form.

It would be much less risky if you tried to hide access that would only work for that file, rather than trying to hide access to the whole account by endangering your password. At our system, people usually resort to trying to hide the file, by removing it and using the fid number, burying it in directories, confusing the SHOW DEV/FIL output by using pointers and removing the latest one, or other ideas.

I personally feel that the MAIL facility keeps a nice record format for a BBS system that can overlay it, using MAIL's privileges to open the files, a message pre-processor/editor, and a message post-processor (run in time intervals or done manually by a board operator). Of course, the 'correct?' way would be to get the program installed with privs, only using them when opening the files to write to, but I am assuming that this is not one of your alternatives.

...JMBoof
_____________________________________________________________________________
Addresses in order of preference:
ARPA-InterNet: VAX/VMS:    boof%oak.decnet@pine.circa.ufl.edu or boof@pine.circa.ufl.edu
               Gould UNIX: jmb@beach.cis.ufl.edu
UUCP:          Gould UNIX: ... !uflorida!beach.cis.ufl.edu!jmb
BITNET:        VAX/VMS:    boof@ufpine
               IBM VM/CMS: $$$YEQ#@NERVM
_____________________________________________________________________________