Re: Sys Admins Wanted

Chris Keane - Snr ENS Sys Admin (Chris.Keane@nospam.aus.sun.com)
Fri, 6 May 1994 08:54:49 --1000

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Matthew Gream: "Re: Sys Admins Wanted"
Previous message: Anand Kumria: "Re: Sys Admins Wanted"
Maybe in reply to: James Wondrasek: "Sys Admins Wanted"
Next in thread: Chris Keane - Snr ENS Sys Admin: "Re: Sys Admins Wanted"

> From: raz@nospam.number5.apana.org.au
>
> > From: apwilson@nospam.socs.uts.EDU.AU
>
> > Peter's concern was that since C2 has been installed, anyone with root's
> > passwd can see all the users passwds unencrypted, and if users were to use
> > the same passwd on the other SoCS machines as they do on Ftoomsh then any
> > sys admin could find out other users passwds for the SoCS machines.
>
> !!!!! This is a new one on me. I thought that the point of C2 was an
> INCREASE in security, not a decrease. Does anyone know what earthly
> reason exists for root to have this extraordinary priviledge?
>
>

I haven't been following this thread, but "Peter's concern" is a load
of crap. The C2 package doesn't keep passwds non-encrypted - it moves
the encrypted passwords into a shadow file. Therefore, only root
can see the ENCRYPTED passwords (to protect against unauthorised crack
runs, etc).

Christofu.

Next message: Matthew Gream: "Re: Sys Admins Wanted"
Previous message: Anand Kumria: "Re: Sys Admins Wanted"
Maybe in reply to: James Wondrasek: "Sys Admins Wanted"
Next in thread: Chris Keane - Snr ENS Sys Admin: "Re: Sys Admins Wanted"