Date: Fri, 20 Sep 1996 08:40:11 -0700 (MST) From: Steve Fox <sfox@indirect.com> To: freebsd-isp@FreeBSD.ORG Subject: Password Changes Message-ID: <199609201540.IAA17618@bud.indirect.com>
next in thread | raw e-mail | index | archive | help
Greetings, I'm doing some consulting for a local ISP that is using FreeBSD 2.1.5 for their servers. One of their programmers has come up with a plan to use an alternate password file for Radius, POP, and personal Web page access. His reasoning for doing this is to speed up password access and database updates for large (100K entries) password files and Radius dbm files, and for security in personal Web pages. Rather than use the password database and a Radius database, the password entries now go into a directory structure like /etc/password.dir/X/Y. Where 'X' is the first character of the user name and 'Y' is the last character of the username. The 'Y' file would then contain the encrypted password entry and the Radius User file entries for all user names beginning with 'X' and ending with 'Y'. To accomplish this, he's modified getpwnam, mail.local, Qpopper, Radius, and Sendmail's recipients.c to look in this new directory structure for the password entry. All this sounds reasonable for a Pop only ISP system and it seems to work OK. I just have this uneasy feeling about making changes that affect password access. Is this an unfounded fear or does anyone see any holes in this plan ? Thanks, Steve
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199609201540.IAA17618>