getpwnam with md5 encrypted passwds
Terry Lambert
tlambert2 at mindspring.com
Thu Nov 27 01:37:53 PST 2003
Peter Pentchev wrote:
> On Wed, Nov 26, 2003 at 02:21:04PM +0100, Kai Mosebach wrote:
> > Looks interesting ... is this method also usable, when i dropped my privs ?
>
> I think Terry meant pam_authenticate() (not pan), but to answer your
> question: no, when you drop your privileges, you do not have access to
> at least the system's password database (/etc/spwd.db, generated from
> /etc/passwd and /etc/master.passwd by pwd_mkdb(8)). If this will be any
> consolation, getpwnam() won't return a password field when you have
> dropped root privileges either.
Peter is correct on both counts. If I had not sen his reply
first, I would have made the same reply. You cannot crypt
something you cannot read.
-- Terry
More information about the freebsd-hackers
mailing list