Subject: Re: replacement for /etc/passwd
To: Alan Post <email@example.com>
From: Roland Dowdeswell <firstname.lastname@example.org>
Date: 12/09/2002 23:10:06
On 1039492294 seconds since the Beginning of the UNIX epoch
Alan Post wrote:
>The only disadvantage that I can come up with is that if I am able to
>impersonate a user, I can set her password without knowing the current
This is actually a pretty major drawback, unfortunately. Other
that that, we maintain a hashed DB of the passwd file to speed
lookups, having it all in separate files would make the lookups
substantially slower unless you rebuilt the passwd DB. But rebuilding
the passwd DB would require root priviledges.
On the bright side, though, you could use the nsswitch (c.f.
nsswitch.conf(5), nsdispatch(3)) to build an optional framework to
play with this pretty quickly.
Roland Dowdeswell http://www.Imrryr.ORG/~elric/