From owner-freebsd-security  Thu Mar 25 22:32:59 1999
Delivered-To: freebsd-security@freebsd.org
Received: from unique.usn.blaze.net.au (unique.usn.blaze.net.au [203.17.53.97])
	by hub.freebsd.org (Postfix) with ESMTP id 1511914E4B
	for <freebsd-security@FreeBSD.ORG>; Thu, 25 Mar 1999 22:32:46 -0800 (PST)
	(envelope-from davidn@blaze.net.au)
Received: from labs (labs.usn.blaze.net.au [203.17.53.98])
	by unique.usn.blaze.net.au (8.9.3/8.9.1) with SMTP id RAA00412;
	Fri, 26 Mar 1999 17:32:11 +1100 (EST)
	(envelope-from davidn@blaze.net.au)
Message-ID: <032601be7752$4c7aea60$623511cb@usn.blaze.net.au>
From: "David Nugent" <davidn@blaze.net.au>
To: "Matthew Dillon" <dillon@apollo.backplane.com>
Cc: <freebsd-security@FreeBSD.ORG>
References: <Pine.GSO.4.10.9903251409300.17330-100000@primrose.isrc.qut.edu.au> <199903250426.UAA68023@apollo.backplane.com> <kjzp51u1y6.fsf@computer.eng.mindspring.net> <199903251833.KAA00915@apollo.backplane.com> <kjg16ttnm1.fsf@computer.eng.mindspring.net> <199903251850.KAA01406@apollo.backplane.com>
Subject: Re: Kerberos vs SSH
Date: Fri, 26 Mar 1999 17:31:35 +1100
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.00.2014.211
X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2014.211
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

>     It's pretty easy to write a script to manipulate the password file,
>     especially if you are not entering any encrypted passwords ( i.e.
leaving
>     that field '*' ).  If you are worried about messing it up, just have
cron
>     backup the password file once a day or something like that.

Ever tried recovering a system with a corrupted password database?
It's a pain to recover, especially if pwd_mkdb is not statically linked.


David




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message