Mail Archives: djgpp-workers/2001/01/21/11:09:38

delorie.com/archives/browse.cgi

search

Mail Archives: djgpp-workers/2001/01/21/11:09:38

Message-Id: <200101211609.LAA27011@qnx.com>

Subject: Re: Status update (Smalltalk/Python)

To: djgpp-workers AT delorie DOT com

Date: Sun, 21 Jan 2001 11:09:16 -0500 (EST)

From: "Alain Magloire" <alain AT qnx DOT com>

In-Reply-To: <3A6AEC96.4F46DBF5@phekda.freeserve.co.uk> from "Richard Dawe" at Jan 21, 2001 02:05:10 PM

X-Mailer: ELM [version 2.5 PL0b1]

MIME-Version: 1.0

Reply-To: djgpp-workers AT delorie DOT com

Errors-To: nobody AT delorie DOT com

X-Mailing-List: djgpp-workers AT delorie DOT com

X-Unsubscribes-To: listserv AT delorie DOT com

> 
> Hello.
> 
> Eli Zaretskii wrote:
> > 
> > On Sun, 21 Jan 2001, Tim Van Holder wrote:
> > > Wasn't sure what to use for a value though; would apps expect
> > > crypt()'ed values or plaintext?
> > 
> > Could people who can access Unix and GNU/Linux boxes please look what
> > they do?

Crypt.

> The password seems to be crypted. For the group password I get 'x', which
> is what /etc/group contains for my user. This appears to be equivalent tp
> a blank password field. This is on RedHat Linux 6.2 with glibc 2.1.3.

Most Modern Un*x including GNU/Linux uses shadow passwd.  Meaning
the actual passwd is now save in /etc/shadow and not readable by all.
It is common belief the shadow approach will give at least a first barrier
to dictionnary style of attack.  The passwd are now access via the
shadow routines :
struct spwd *getspnam(char *name);
...
and friends.

The caveat is that, when you want to authenticate you need to be root.

> I don't have any groups with passwords. Perhaps someone who does can use
> my test program? Here's my test program:

group passwd is seldom use nowadays.
The test program below is correct.

> ---start getpwnam() test program---
...
> ---end getpwnam() test program---

Usually the way it is use:
{
...
      pw = getpwnam (arg);
      if (pw == NULL)
        return ERR_BAD_LOGIN /* Oops! Houston we have a problem.  */;
      if (strcmp (pw->pw_passwd, crypt (pass, pw->pw_passwd)))
        {
#ifdef HAVE_SHADOW_H
          struct spwd *spw;
          spw = getspnam (arg);
          if (spw == NULL)
            return ERR_BAD_LOGIN; /* !! Danger Will Robertson!  */
          if (strcmp (spw->sp_pwdp, crypt (pass, spw->sp_pwdp)))
#endif /* HAVE_SHADOW_H */
            return ERR_BAD_PASSWD; /* Nuke the twit.  */
        }     
...
}

Some systems follow Solaris example by having PAM style auth.
I believe GNU/Linux and *BSD came up with there PAM libs too.

> > > And what would be a good value? Maybe we could select one randomly
> > > from "secret", "password" and "god" :-)
> > > I'm open to suggestions...
> > 
> > I suggest to start a contest for the best password.
> 
> How about "open-sesame"?

How about a little Locale:
"Se'same_ouvre_toi"

Or some French from Paris:
"Voulez-vous_coucher_avec_moi_ce_soir_?"


-- 
au revoir, alain
----
Aussi haut que l'on soit assis, on est toujours assis que sur son cul !!!

- Raw text -

webmaster	delorie software privacy
Copyright © 2019 by DJ Delorie	Updated Jul 2019

Message-Id:	<200101211609.LAA27011@qnx.com>
Subject:	Re: Status update (Smalltalk/Python)
To:	djgpp-workers AT delorie DOT com
Date:	Sun, 21 Jan 2001 11:09:16 -0500 (EST)
From:	"Alain Magloire" <alain AT qnx DOT com>
In-Reply-To:	<3A6AEC96.4F46DBF5@phekda.freeserve.co.uk> from "Richard Dawe" at Jan 21, 2001 02:05:10 PM
X-Mailer:	ELM [version 2.5 PL0b1]
MIME-Version:	1.0
Reply-To:	djgpp-workers AT delorie DOT com
Errors-To:	nobody AT delorie DOT com
X-Mailing-List:	djgpp-workers AT delorie DOT com
X-Unsubscribes-To:	listserv AT delorie DOT com