10.5. Access control
The user database is traditionally contained in the
/etc/passwd file. Some systems use
shadow passwords, and have moved the
passwords to /etc/shadow. Sites with many
computers that share the accounts use NIS or some other method
to store the user database; they might also automatically copy
the database from one central location to all other computers.
The user database contains not only the passwords, but
also some additional information about the users, such as their
real names, home directories, and login shells. This other
information needs to be public, so that anyone can read it.
Therefore the password is stored encrypted. This does have
the drawback that anyone with access to the encrypted password
can use various cryptographic methods to guess it, without
trying to actually log into the computer. Shadow passwords try
to avoid this by moving the password into another file, which
only root can read (the password is still stored encrypted).
However, installing shadow passwords later onto a system that
did not support them can be difficult.
With or without passwords, it is important to make
sure that all passwords in a system are good, i.e., not easily
guessed. The crack program can be used
to crack passwords; any password it can find is by definition
not a good one. While crack can be run
by intruders, it can also be run by the system administrator
to avoid bad passwords. Good passwords can also be enforced
by the passwd program; this is in fact more
effective in CPU cycles, since cracking passwords requires quite
a lot of computation.
The user group database is kept in
/etc/group; for systems with shadow
passwords, there can be a /etc/shadow.group.
root usually can't login via most terminals
or the network, only via terminals listed in the
/etc/securetty file. This makes it necessary
to get physical access to one of these terminals. It is, however,
possible to log in via any terminal as any other user, and use
the su command to become root.