> I am not a Unix admin. I am just a student. In our class discussion, we
> ran into the question why the password file is publicly available.
At the time Unix was being implemented, people felt that the encryption was
good enough to prevent people from discovering passwords. Administration
was simplified if all information about a user was in one file instead of
two, so the encrypted password was put in the same file as the full name,
home directory, shell, etc. Since there's no need to protect the latter
information, and the encryption was thought to be good enough protection
for the password, the file is publicly readable.
> I know it
> is not in directly readable form, but if we care for security reasons, why
> doesn't the administration make the file unavailable for casual users in the
> first place?
Many versions of Unix now provide a way to put the encrypted passwords in a
non-public file.
--
Barry Margolin
System Manager, Thinking Machines Corp.
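
An added example, not part of the original post: a small shell audit that reports, for each account in a passwd-format file, whether its encrypted password still sits in the publicly readable file or has been moved out of it. It assumes the common convention that `x` in the password field means the hash is stored elsewhere and that `*` or `!` marks a locked account; the function names and the sample entries are constructed for illustration.

```shell
#!/bin/sh
# Classify the password field (2nd colon-separated field) of passwd-format
# lines read from stdin. Prints one "login:status" line per account.
# Assumed conventions (not stated in the post):
#   shadowed - field is "x": the hash is kept in a separate, non-public file
#   locked   - field starts with "*" or "!": no usable password
#   empty    - field is empty: no password required
#   exposed  - anything else: an encrypted password in the public file
classify_passwd() {
    awk -F: '
        /^[ \t]*#/ || /^[ \t]*$/ { next }     # skip comments and blank lines
        NF < 7       { print $1 ":malformed"; next }
        $2 == "x"    { print $1 ":shadowed";  next }
        $2 == ""     { print $1 ":empty";     next }
        $2 ~ /^[*!]/ { print $1 ":locked";    next }
                     { print $1 ":exposed" }
    '
}

# Succeeds if the file's mode grants read permission to "other",
# i.e. any local user can read it. Checks mode bits, not the caller's access.
world_readable() {
    [ -n "$(find "$1" -prune -perm -004 2>/dev/null)" ]
}

# Constructed sample input; the value in alice's entry is a fake hash.
sample_passwd() {
    cat <<'EOF'
# constructed sample, not taken from a real system
root:x:0:0:root:/root:/bin/sh
daemon:*:1:1:daemon:/usr/sbin:/usr/sbin/nologin
alice:ab01FAKEHASHx:1000:1000:Alice Example:/home/alice:/bin/sh
guest::1001:1001:Guest:/home/guest:/bin/sh
EOF
}

# Demo on the sample. On a real host: classify_passwd < /etc/passwd
sample_passwd | classify_passwd
```

Any account reported as `exposed` in a file for which `world_readable` succeeds has its encrypted password available to every local user, which is the situation the question asks about.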