Date: Tue, 13 Oct 1998 09:11:15 -0700 (PDT) From: David Wolfskill <dhw@whistle.com> To: yurtesen@ispro.net.tr Cc: freebsd-questions@FreeBSD.ORG Subject: Re: pwd.db? Message-ID: <199810131611.JAA20298@pau-amma.whistle.com> In-Reply-To: <Pine.BSF.3.96.981013075056.21967A-100000@finland.ispro.net.tr>
next in thread | previous in thread | raw e-mail | index | archive | help
>Date: Tue, 13 Oct 1998 07:56:20 +0300 (EEST) >From: Evren Yurtesen <yurtesen@ispro.net.tr> >ok then, but would not it be more secure if you have maden the >password files be able to read only by wheel group? >for example I would not want somebody to get my passwd file and >put it to web to show all usernames on my system and the real names >corresponding to those login names (also I guess nobody would like >that idea) or somebody may send email to all my users from that passwd >file, is not it? (I do not think that somebody would like this idea >too!), but those files are readable by public which means that anyone >who as account on my system can access to them, why is that ? Because many programs, such as "ls" and "ps" make use of the information; if you prevent non-root use of the information, those programs fail (or have reduced functionality). There comes a point where you need to decide who you can trust and with what. In its formative years, UNIX was largely in environments where everyone who had (legitimate) access to a given system could reaasonably be trusted with the information in question. It may well be argued that there are situations now where this is not the case. If you need to maintain such an environment, you have a non-trivial amount of work to do to set it up, and if so, you might want to get in touch with others who might also have such concerns, so you can share the workload & experiences... assuming, of course, that you trust each other enough. :-}, david -- David Wolfskill UNIX System Administrator dhw@whistle.com voice: (650) 577-7158 pager: (650) 371-4621 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199810131611.JAA20298>