Re: non-root password lookups?
On Mon, Jan 18, 1999 at 10:36:35AM +0100, Martin Bialasinski wrote:
>
> What use would shadow passwords have, if a unprivileged user can query
> them?
Well...then the query is at your control - and if you make a single query take
a full second (or more) then it will take a very long time to brute force
anything (and thats assuming there is no logging).
>
> I heared on Solaris you have a daemon, which takes username/password
> and tells you if the combination is OK.
Ahh....that sounds interesting....I'll have to reaserch into that idea.
Bye,
Chris
--
----------------------------------------------------------------------
The box said "Windows 95, NT or better" .. so I installed Debian Linux
----------------------------------------------------------------------
Reply with subject 'request key' for PGP public key. KeyID 0xA9E087D5
Reply to: