Date: Tue, 17 Feb 2009 10:54:46 -0800 From: Chuck Swiger <cswiger@mac.com> To: ipfreak@yahoo.com Cc: freebsd general questions <freebsd-questions@freebsd.org> Subject: Re: freebsd and freeradius Message-ID: <6C26B117-BB84-44DC-AF2D-F0036D68C248@mac.com> In-Reply-To: <644194.85690.qm@web52110.mail.re2.yahoo.com> References: <644194.85690.qm@web52110.mail.re2.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Feb 17, 2009, at 10:44 AM, gahn wrote: > No, there is no # in any lines of /etc/passwd. Did you check /etc/master.passwd also? > Btw, what is this "src/etc/master.passwd" for? A line like: # $FreeBSD: src/etc/master.passwd,v 1.40 2005/06/06 20:19:56 brooks Exp $ ...indicates the CVS revision that the passwd file comes from. It's mildly interesting when you run mergemaster -iU or the like to update to a newer version of the OS to pick up any default system accounts or changes which have been made. If you're instead asking why there is a /etc/passwd versus master.passwd, the former is historically expected and is supposed to be world-readable, but the traditional practice of putting encrypted passwords in there made automated password cracking relatively feasible. Various UNIXes responded to things like "John the Ripper" by creating a second password database which contained the encrypted passwords, called /etc/shadow in some places, or /etc/master.passwd on FreeBSD, and having that only readable by root. The old /etc/passwd file would then have an "x" or "*" for the passwd field. Regards, -- -Chuck
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6C26B117-BB84-44DC-AF2D-F0036D68C248>