On Wed, 27 Feb 2002, Octavian Rasnita wrote: > Hi all, > > I am new in Perl world, and I saw many messages telling that it is a > security problem is someone can download the passwd file from a Unix > machine. > I have 2 questions: > 1. As far as I know, that file has the passwords crypted and the person who > download it won't see the real password. > Or, are there guys who can break that protection? > 2. If I run Apache under Windows 2k, do I still have this problem?
Octavian: Yes - the passwd file (or the /etc/shadow file on most systems) must be protected because it is encrypted using a simple encryption method that could be decrypted if someone has enough time. -- Eric P. Los Gatos, CA -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
