Slashdot Mirror
National Censorship Plan Offensive, Says Aussie Shadow Minister
downundarob writes "Senator Nick Minchin, the Australian Shadow Minister for broadband, communications and the digital economy, has written (or more likely a staffer has written) this interesting article on the Australian Federal Government's continued zeal to enforce ISP-level filtering in Australia. In the article he posits that 'Underlying the Rudd Government's plan to screen the internet is an offensive message: that parents cannot be trusted to mind their children online.' Meanwhile, we wait for filtering trials to start, trials that have been delayed and which have next-to-no support among the industry. Telstra BigPond — Australia's largest ISP — has refused to take part, comparing internet filtering to 'like trying to boil the ocean.' The third largest, iiNet, is prepared to participate to highlight flaws."
The /etc/passwd file also contains information like user ID's and group ID's that are used by many system programs. Therefore, the /etc/passwd file must remain world readable. If you were to change the /etc/passwd file so that nobody can read it, the first thing that you would notice is that the ls -l command now displays user ID's instead of names!
The Shadow Suite solves the problem by relocating the passwords to another file (usually /etc/shadow). The /etc/shadow file is set so that it cannot be read by just anyone. Only root will be able to read and write to the /etc/shadow file. Some programs (like xlock) don't need to be able to change passwords, they only need to be able to verify them. These programs can either be run suid root or you can set up a group shadow that is allowed read only access to the /etc/shadow file. Then the program can be run sgid shadow.
By moving the passwords to the /etc/shadow file, we are effectively keeping the attacker from having access to the encoded passwords with which to perform a dictionary attack.
http://tldp.org/HOWTO/Shadow-Password-HOWTO-2.html
Fnord.