Password shadowing:UNIX systems

Password shadowing is a security system where the encrypted password field of /etc/passwd is replaced with a special token and the encrypted password is stored in a separate file which is not readable
by normal system users.
To defeat password shadowing on many (but not all) systems, write a
program that uses successive calls to getpwent() to obtain the password file.

Example:
#include
main()
{
struct passwd *p;
while(p=getpwent())
printf("%s:%s:%d:%d:%s:%s:%s\n", p->pw_name, p->pw_passwd,
p->pw_uid, p->pw_gid, p->pw_gecos, p->pw_dir, p->pw_shell);
}
Posted by

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Followers