Date: Fri, 2 Feb 2001 08:08:06 GMT From: Cliff Sarginson <cliff@raggedclown.net> To: "gerald stoller" <gerald_stoller@hotmail.com>, gene_dinkey@hp.com, freebsd-questions@FreeBSD.ORG Subject: RE: UID at login time Message-ID: <E14ObGI-000AJS-00@post.mail.nl.demon.net>
next in thread | raw e-mail | index | archive | help
> > > > >From: "DINKEY,GENE (HP-Loveland,ex1)" To: "'gerald stoller'" , > >freebsd-questions@freebsd.org Subject: RE: UID at login time Date: Thu, 1 > >Feb 2001 16:41:31 -0700 > > > > > -----Original Message----- > From: gerald stoller > >[mailto:gerald_stoller@hotmail.com] > Sent: Thursday, February 01, 2001 > >2:32 PM > To: freebsd-questions@freebsd.org > Subject: UID at login time > > > > I used vi /etc/passwd ; after seeing 'vipw' in your email, I recall > seeing it mentioned in my reading about FreeBSD , and I thought it was just > a safety feature at the time (e.g., it wouldn't let you modift the password > field). I have since used vipw and the problem is gone. Thanks for your > help. > This system (of having both master.passwd & passwd ) is not the > right way to provide a safeguard, IMHO. This is not the reason for the existance of master.passwd. It is is security feature, not a backup procedure. This is an implementation of shadow passwords. The real ecnrypted passwords are kept in the master.passwd file, which is only readable by root. The passwd file is world readable (it has to be) but should not contain the encrypted passwords in order to prevent brute force crackign attempts on user passwords. Hence "vipw". Cliff To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?E14ObGI-000AJS-00>