[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Open Xlock as root



On Tue, 7 Dec 1999, Ethan Benson wrote:

> well yes that is true, but saying sgid shadow is as bad as suid root 
> is a little harsh:

> exploit sgid shadow program -> you get access to encrypted passwords woo hoo!
> exploit suid root program -> who needs encrypted passwords? we 
> already got root!

Well, if you're using crypt passwords, a dedicated assailant can get the
cleartext passwords easily enough.  Crypt just isn't all that secure
anymore.  More OS distributions are moving to solutions like md5, but not
enough of them have that enabled as the default, IMHO.

(And even then, your users and administrators have to be using *good*
passwords..)

-Steve Langasek
postmodern programmer



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []