Re: Isn't it a security hole...
>As Jerzy Kakol said:
>>
>>
>> ...the attribute readable for others in case of the file /etc/passwd?
>
>Perhaps a bit, but not too much. The passwords in /etc/passwd are encrypted
>through one-way DES encryption. It's much easier to simply guess users'
>passwords, the majority of which are first-names or first-names followed
>by a number.
>
>>
>> TIA.
>>
>> Jerzy Kakol
>>
>--gilbert
>______________________________________________________________________
>Gilbert Ramirez Jr. gram@merece.uthscsa.edu
>University of Texas http://merece.uthscsa.edu/gram
>Health Science Center at San Antonio University Health System
>
Actually, cracking a unix passwd file is quite easy, even for those
with minimal computer knowledge. With widely available programs like Crack
(UNIX), Crakerjack (DOS), and root_crack(DOS) anybody with a CPU >386 can
crack the DES encryption with a bit of time.
Mike...
Reply to: