[Tiger-devel] [RFC] Shadow passwords under Linux

tiger-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Tiger-devel] [RFC] Shadow passwords under Linux

From:	Ryan Bradetich
Subject:	[Tiger-devel] [RFC] Shadow passwords under Linux
Date:	24 Jun 2003 22:13:16 -0600

Hello all,

In the current version of Tiger, the shadow password check for Linux is
inadequate.  Currently this check only verifies /etc/passwd and
/etc/shadow are non-0 in size (when Tiger_Check_PASSWD_SHADOW != 'N').

Under Linux, the shadow file is only checked if the password hash is
'x'.  If the passwd entry contains anything but 'x' that password hash
is used instead of the password has in /etc/shadow.

Currently the gen_passwd_sets uses join to replace the password hash in
the /etc/password entry with the password hash in /etc/shadow , if the
/etc/shadow file exists.  From what I described above, this is obviously
incorrect.  

I know how to verify each user's password is properly shadowed, but my
question is where to place the check.

My first though was in the gen_passwd_sets, but a quick grep through the
source shows gen_passwd_sets gets called is several checks (ie.
check_accounts, check_ftpusers, check_known, check_path, etc) so any
warnings/errors would be duplicated for each additional call of the
gen_passwd_sets.  This is a non-optimal solution.

My next thought was to handle it in the check_passwd script, but on the
couple of platforms I am testing on (HP-UX and Linux) shadow passwords
are not implimented consistently, so there would have to be $OS case
statements to handle this.  This did not appear to be very clean either.

My last thought was to add a new custom script to systems/Linux/2 and
perform this check here.  This seems like the best solution to me, but
then not all the passwd0xx checks would be contained in the check_passwd
script (it would be called from the check_system script).  I do not see
this a problem, but wanted to get a feeling from this list on the
preferred method, or if there is an additional method I did not
investigate.

Thanks,

Feed back is always appreciated.

- Ryan

P.S. As a point of reference, when HP-UX is put into trusted mode, the
password hash is moved to /tcb/file/auth/<u>/<username>, and the
/etc/passwd passwd hash is replaced with an '*'.  If the passwd has is
anything but '*' pwck generates an error, and the passwd hash is
ignored, and uses the password hash in /tcb/files/auth/<u>/<username>.

How are shadow password handled under other supported OSes?


-- 
Ryan Bradetich <address@hidden>

[Prev in Thread]

Current Thread

[Next in Thread]

[Tiger-devel] [RFC] Shadow passwords under Linux, Ryan Bradetich <=

Prev by Date: [Tiger-devel] [PATCH] updated password checks for Linux and HP-UX
Next by Date: [Tiger-devel] [PATCH] define GRPCK for HP-UX and update the check_group script
Previous by thread: [Tiger-devel] [PATCH] updated password checks for Linux and HP-UX
Next by thread: [Tiger-devel] [PATCH] define GRPCK for HP-UX and update the check_group script
Index(es):
- Date
- Thread