From owner-freebsd-questions  Mon Oct 12 21:57:05 1998
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id VAA28098
          for freebsd-questions-outgoing; Mon, 12 Oct 1998 21:57:05 -0700 (PDT)
          (envelope-from owner-freebsd-questions@FreeBSD.ORG)
Received: from finland.ispro.net.tr (finland.ispro.net.tr [195.174.18.1])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id VAA28087
          for <freebsd-questions@FreeBSD.ORG>; Mon, 12 Oct 1998 21:57:02 -0700 (PDT)
          (envelope-from yurtesen@ispro.net.tr)
Received: from localhost (yurtesen@localhost)
	by finland.ispro.net.tr (8.8.8/8.8.8) with SMTP id HAA22600;
	Tue, 13 Oct 1998 07:56:20 +0300 (EEST)
	(envelope-from yurtesen@ispro.net.tr)
Date: Tue, 13 Oct 1998 07:56:20 +0300 (EEST)
From: Evren Yurtesen <yurtesen@ispro.net.tr>
Reply-To: Evren Yurtesen <yurtesen@ispro.net.tr>
To: Doug White <dwhite@resnet.uoregon.edu>,
        Ben Smithurst <ben@scientia.demon.co.uk>
cc: freebsd-questions@FreeBSD.ORG
Subject: Re: pwd.db?
In-Reply-To: <Pine.BSF.4.03.9810121349160.25080-100000@resnet.uoregon.edu>
Message-ID: <Pine.BSF.3.96.981013075056.21967A-100000@finland.ispro.net.tr>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

ok then, but would not it be more secure if you have maden the
password files be able to read only by wheel group?
for example I would not want somebody to get my passwd file and
put it to web to show all usernames on my system and the real names
corresponding to those login names (also I guess nobody would like
that idea) or somebody may send email to all my users from that passwd
file, is not it? (I do not think that somebody would like this idea
too!), but those files are readable by public which means that anyone
who as account on my system can access to them, why is that ?
thanks,
Evren

PS. I hope I am not asking a stupid question ?

On Mon, 12 Oct 1998, Doug White wrote:

> On Mon, 12 Oct 1998, Evren Yurtesen wrote:
> 
> > why does freebsd need pwd.db file? 
> 
> Because it's more secure and faster to do password file lookups against a
> binary database than a flat file.
> 
> > also spwd.db file? I guess linux does not have
> > those files right? 
> 
> It does if you have shadow passwords enabled.
> 
> > is there any way to get the original passwd file
> > from pwd.db file? 
> 
> You can't get the origial password in any way, period.  It's a 'one-way
> hash' as we say in the computer business.
> 
> Doug White                               
> Internet:  dwhite@resnet.uoregon.edu    | FreeBSD: The Power to Serve
> http://gladstone.uoregon.edu/~dwhite    | www.freebsd.org
> 



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message