Re: Shadow Passwords
Dirk.Eddelbuettel@qed.econ.queensu.ca:
>
> No, there is a copyright problem with the shadow suite for Linux. It seems
> that a new Linux shadow package with a more suitable copyright is in the
> works.
There was a copyright problem, but the author has released the package
under BSD-style copyright, and I now maintain it. The latest version
with some bug fixes is available from
ftp://ftp.ists.pwr.wroc.pl/pub/linux/shadow/shadow-current.tar.gz
> In case your question meant "what would be involved to create a shadow
> password suite", the answer is "a lot". Check the mailing list archive for
> debian-devel on http://www.debian.org where some other schemes were also
> discussed not too long ago.
The shadow password suite already exists, no need to create one :-). It
still needs some code cleanup though. I'm working on it.
The problem is that it is not enough to just install one package - several
other packages need to be shadow-aware. Fortunately, everything that is
necessary (getspnam()) is in libc5. It is easy to make the same binaries
work with both shadow and non-shadow passwords.
I know some people don't like shadow passwords. Others (like me) don't like
non-shadow passwords :-). The best way to keep everyone happy is to make
them optional and let the user decide...
Marek
Reply to: