Re: [dev] [PATCH] [ubase] Simplify login

From: Alexander Huemer <alexander.huemer_AT_xx.vu>
Date: Wed, 4 Jun 2014 12:57:36 +0200

On Wed, Jun 04, 2014 at 12:44:01PM +0200, FRIGN wrote:
> On Wed, 4 Jun 2014 00:15:58 +0200
> Alexander Huemer <alexander.huemer_AT_xx.vu> wrote:
>
> > You think so? That's not at all what I personally associate with this
> > feature. Can you elaborate?
>
> Many people don't understand how hashing-functions work.

Obviously true.

> The shadow-file might suggest knowing the hash inherently unveils the
> password in some magic way.

This _might_ suggest that, but I'd say that's far-fetched.

> In reality, the incorporation of the shadow-file was motivated to make
> brute-force-attacks slower and less effective, but they are still
> possible.

I don't think that was the sole motivation, just one of them.

> Thus, the shadow file locks things up a bit more, brings some more
> complexity

It adds some complexity, but quite moderately. You want to have those
hashing algos on your system anyway.

> but this doesn't mean /etc/passwd is insecure.

That's true, but not the point here.

> If you use strong passwords, you don't need the shadow-file. If you
> have a weak password, the shadow-file on the other hand just delays the
> eventual breach.
>
> Looking at it from the programmer's side: Implementing /etc/shadow
> brings more complexity to the program. Avoiding complexity is one goal
> to set, thus avoiding /etc/shadow is a good way to simplify things.
>
> As Dimitris said before: If you are serious about breaking into a
> computer, the security brought by login is laughable and easy to
> circumvent.

Obviously true. Physical access to a machine that does not store the
data encrypted is a sure win for the attacker.

LG,
-Alex
Received on Wed Jun 04 2014 - 12:57:36 CEST
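The quoted exchange turns on where an account's password hash lives: field two of a world-readable /etc/passwd, or a root-only /etc/shadow behind an "x" placeholder. The following audit script is an example added to this archive page, not code from ubase or from either poster; the passwd and shadow records it works on are constructed, and the `$id$` prefix table reflects the usual crypt(3) conventions. It reports, per account, which file login would actually consult, whether the field is a usable hash, a locked marker (`!` or `*`) or empty, and which accounts still expose a hash to every local user.

```python
"""Audit constructed passwd/shadow-style records: where does each account's
password hash live, and is it actually usable? Example added to this thread,
not code from ubase."""
from dataclasses import dataclass

# Constructed sample files (not from any real system). An "x" in field two of
# passwd means "look in shadow"; anything else is the hash itself, world-readable.
PASSWD_SAMPLE = """\
root:x:0:0:root:/root:/bin/sh
legacy:$1$abcdefgh$ConstructedNotARealHash000:1001:1001::/home/legacy:/bin/sh
daemon:x:1:1:daemon:/usr/sbin:/bin/nologin
alice:x:1000:1000:Alice:/home/alice:/bin/sh
bob:x:1002:1002:Bob:/home/bob:/bin/sh
"""
SHADOW_SAMPLE = """\
root:$6$saltsalt$ConstructedNotARealHash:16225:0:99999:7:::
daemon:*:16225:0:99999:7:::
alice:!$6$saltsalt$ConstructedNotARealHash:16225:0:99999:7:::
"""

# crypt(3) "$id$salt$hash" prefixes and the algorithm each denotes
CRYPT_IDS = {"1": "md5crypt", "2a": "bcrypt", "2b": "bcrypt", "2y": "bcrypt",
             "5": "sha256crypt", "6": "sha512crypt", "y": "yescrypt"}


@dataclass
class Account:
    name: str
    hash_field: str
    source: str  # "passwd", "shadow" or "missing" (x in passwd, no shadow entry)


def parse_records(text):
    """Yield (name, password field) for each non-empty, non-comment record."""
    for line in text.splitlines():
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) < 2:
            continue
        yield fields[0], fields[1]


def classify(hash_field):
    """State of a password field, following the conventions login(1) relies on."""
    if hash_field == "":
        return "empty"          # no password set at all
    if hash_field[0] in "!*":
        return "locked"         # can never equal any crypt(3) output
    if hash_field.startswith("$"):
        return "hashed"         # modular crypt format
    return "legacy-des"         # 13-character traditional DES crypt


def algorithm(hash_field):
    """Name the algorithm from the $id$ prefix, or None if the field is not a hash."""
    if classify(hash_field) != "hashed":
        return None
    parts = hash_field.split("$")   # "", id, salt, hash
    return CRYPT_IDS.get(parts[1], "unknown")


def resolve(passwd_text, shadow_text):
    """Map each passwd account to the password field login would actually check."""
    shadow = dict(parse_records(shadow_text))
    accounts = {}
    for name, field in parse_records(passwd_text):
        if field == "x":
            if name in shadow:
                accounts[name] = Account(name, shadow[name], "shadow")
            else:
                accounts[name] = Account(name, "", "missing")
        else:
            accounts[name] = Account(name, field, "passwd")
    return accounts


def state(account):
    """Human-readable state: a missing shadow entry is not the same as an empty password."""
    if account.source == "missing":
        return "no-entry"
    return classify(account.hash_field)


def exposed_hashes(accounts):
    """Accounts whose usable hash sits in passwd, hence readable by every local user."""
    return sorted(a.name for a in accounts.values()
                  if a.source == "passwd"
                  and classify(a.hash_field) in ("hashed", "legacy-des"))


def report(accounts):
    rows = [f"{a.name:8} {a.source:8} {state(a):10} {algorithm(a.hash_field) or '-'}"
            for a in accounts.values()]
    return "\n".join(rows)


if __name__ == "__main__":
    accts = resolve(PASSWD_SAMPLE, SHADOW_SAMPLE)
    print(report(accts))
    print("hashes readable from passwd:", exposed_hashes(accts))
```

Run against the constructed data, only `legacy` is flagged: its md5crypt hash is still in passwd, while `root`'s sha512crypt hash is behind the "x" in shadow, `daemon` and `alice` are locked, and `bob` has a placeholder but no shadow record at all. Pointing `resolve()` at the real files requires root to read /etc/shadow, which is exactly the separation the thread is debating.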