Re: Security of Debian SuX0r?

To: Joey Hess <joeyh@debian.org>
Cc: debian-devel@lists.debian.org
Subject: Re: Security of Debian SuX0r?
From: Simon Richter <Simon.Richter@phobos.fachschaften.tu-muenchen.de>
Date: Fri, 1 Sep 2000 05:35:05 +0200 (CEST)
Message-id: <[🔎] Pine.LNX.4.21.0009010533310.14430-100000@phobos.fachschaften.tu-muenchen.de>
In-reply-to: <[🔎] 20000831110135.G22576@kitenet.net>

On Thu, 31 Aug 2000, Joey Hess wrote:

>  Shadow passwords make your system more secure because nobody is able to
>  view even encrypted passwords. Passwords are stored in a separate file
>  that can only be read by special programs. We recommend the use of shadow
>  passwords. If you're going to use NIS you could run into trouble.

>  Shall I install shadow passwords?

> I'm very confused how someone can skim something like "'Shadow passwords
> make your system more secure' .... 'Shall I install shadow passwords?'",
> and then pick no if they want a secure box.

Yup, this question is senseless. If you happen to have encrypted passwords
in the passwd file, the shadow file is not looked at for these
accounts. So having shadow passwords will not break NIS.

   Simon

-- 
PGP public key available from http://phobos.fs.tum.de/pgp/Simon.Richter.asc
 Fingerprint: 10 62 F6 F5 C0 5D 9E D8  47 05 1B 8A 22 E5 4E C1
Hi! I'm a .signature virus! Copy me into your ~/.signature to help me spread!


-- 
To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

Follow-Ups:
- Re: Security of Debian SuX0r?
  - From: Joey Hess <joeyh@debian.org>

References:
- Re: Security of Debian SuX0r?
  - From: Joey Hess <joeyh@debian.org>

Prev by Date: Re: ITP enhydra
Next by Date: Re: Security of Debian SuX0r?
Previous by thread: Re: Security of Debian SuX0r?
Next by thread: Re: Security of Debian SuX0r?
Index(es):
- Date
- Thread