Re: [Nss-mysql-users] shadow

nss-mysql-users

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Nss-mysql-users] shadow

From:	Ian P. Christian
Subject:	Re: [Nss-mysql-users] shadow
Date:	Thu, 20 Jan 2005 23:58:45 +0000
User-agent:	KMail/1.7.2

On Tuesday 04 January 2005 10:10, Mario Ohnewald wrote:
> I use encrypt or md5.
> Is it only the danger of a bruteforce?

Yes.

As the unix manual section 5 days about the shadow file....

       "This file must not be readable by regular users if password security 
is to be maintained."

The same goes for the database.  If normal users can get the hashes, it 
*greatly* improves thier chances of cracking into an account.

[Prev in Thread]

Current Thread

[Next in Thread]

[Nss-mysql-users] shadow, Mario Ohnewald, 2005/01/04
- Re: [Nss-mysql-users] shadow, Ian P. Christian <=

Prev by Date: [Nss-mysql-users] shadow
Previous by thread: [Nss-mysql-users] shadow
Index(es):
- Date
- Thread