On Wed, 14 Feb 2007, Asheesh Laroia wrote:
But if PASSFILE is mode 0600 then it's not actually insecure, right (*)?
Isn't that like saying "If I'm the only user on my Windows system, then it's secure, right?" ;-)
Or, perhaps, "Since /etc/shadow is protected, we don't need to encrypt them any more, we can just store the passwords as plaintext, right?"
The Alpine PASSFILE is, effectively, a plaintext-equivalent file. Most security-minded people would NOT consider 0600 UNIX file protections to be "good enough" for security. Don't forget that this file potentially contains that user's passwords on many other systems. The successful theft of a single Alpine PASSFILE is potentially a compromise of a great many additional systems.
The capability to build UNIX Alpine that way exists, but we don't use it. I'm sure that there are hackers out there who would love to get ahold of my PASSFILE if I was ever foolish enough to keep one.
-- Mark -- http://staff.washington.edu/mrc Science does not emerge from voting, party politics, or public debate. Si vis pacem, para bellum. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
