On Mon, Jan 18, 1999 at 10:36:35AM +0100, Martin Bialasinski wrote: > > What use would shadow passwords have, if a unprivileged user can query > them?
Well...then the query is at your control - and if you make a single query take a full second (or more) then it will take a very long time to brute force anything (and thats assuming there is no logging). > > I heared on Solaris you have a daemon, which takes username/password > and tells you if the combination is OK. Ahh....that sounds interesting....I'll have to reaserch into that idea. Bye, Chris -- ---------------------------------------------------------------------- The box said "Windows 95, NT or better" .. so I installed Debian Linux ---------------------------------------------------------------------- Reply with subject 'request key' for PGP public key. KeyID 0xA9E087D5
