Trilight Zone Forum Index Trilight Zone
Privacy & Anonymity is our specialty !
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

Password Files

 
Post new topic   Reply to topic    Trilight Zone Forum Index -> Anonymity
Author Message
digital8
Second Lieutenant


Joined: 29 Sep 2005
Posts: 1002

PostPosted: Sat Oct 01, 2005 1:42 pm    Post subject: Password Files Reply with quote
On Unix systems, there are usually two kinds of password files.
The first one is located at /etc/passwd. It is world-readable (everyone can read this file) and it is called the "shadowed" password file. It contains everything besides the passwords. The passwords (encrypted) are in /etc/shadow and only root has read and write access to it (or other users, if root decides to let them read it).
Why do everyone need access to the password file, you ask? I'll explain.
The password file has seven fields. Each field is seperated by a :, so it looks like this:
field1:field2:field3:field4:field5:field6:field7
Now, field1 contains the username. Field2 contains the encrypted password. Field3 contains some free text about the user. Field4 contains the user's UID (User ID. If the user's UID is zero he has root priviledges. Two users with the same UID have identical priviledges). Field5 contains the user's GID (Group ID. Same as UID, only you can give priviledges to a large group of users in a single command. GID zero is root). Field6 contains the user's home directory (where his personal configurations files are stored). Field7 contains the user's shell (a program that is executed once the user logs in. Usually a command interpreter, which is a program that accepts commands from you and executes them).
Now, everyone needs read access to the shadowed file for certain reasons. For example: each file has an owner. The owner of the file can change access patterns (priviledges) to himself or to other users for that file using the command chmod xxx (the first x is for your priviledges, the second is for priviledges for your group and the third is for the rest of the outside world. 1 is read, 2 is write, 4 is execute. If you want read, write and execute for yourself, read only for your group and nothing for the rest of the world, type chmod 710 filename. read+write+execute=1+2+4=7, read=1, nothing=0. Got it?). He can also use the owner of the file using the command chown filename new-owner.
Anyway, the owner's UID is embedded into the file. If you actually want to know the owner's name, you will need to look at the password file and find out who owns this UID. Get it?
So anyway, the shadowed password file needs to be read by everyone for various purposes. So why is this interesting? Because of the free text field (field3).
Some admins insert the user's real name, telephone number, home address and other information about him in this field, so it might be very very useful if you want to find information about this user.
Back to top
Display posts from previous:   
Post new topic   Reply to topic    Trilight Zone Forum Index -> Anonymity All times are GMT
Page 1 of 1

 


Powered by phpBB © 2001, 2005 phpBB Group