> Say what? It is almost trivial to read the encrypted passwords from the
> shadow password file. I have found several programs to do so after we
> have caught hackers.
>
> Plus, linux CAN use shadow passwords if you want. Now that I have seen
> how much it slows down a hacker (20 milli-seconds) I do not bother
> anymore.
>
> Sorry for the digression, I know this does not belong here...
Actually, the digression is most welcome... What we did was change the
permissions on the master.passwd, passwd, and pwd.db (we're using bsdi
2.1) to 600 or 640. By making it invisible to the outside I *think* nad
fervently hope that the password files are safe. Changing the permissions
may be the countermeasure against hacker/decrypt programs.
Rob