From mboxrd@z Thu Jan 1 00:00:00 1970 Message-ID: <47ceaaf73c3e603de233603be3fa42d1@terzarima.net> To: esoriano@lsub.org, 9fans@cse.psu.edu Subject: Re: [9fans] plain passwords and keyfs From: Charles Forsyth Date: Fri, 23 Jul 2004 17:10:43 +0100 In-Reply-To: <1090588496.13043.40.camel@ronin.dat.escet.urjc.es> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="upas-chmtmqqthlmmifpkuobcxffdzf" Cc: Topicbox-Message-UUID: c552b2f0-eacd-11e9-9e20-41e7f4b1d025 This is a multi-part message in MIME format. --upas-chmtmqqthlmmifpkuobcxffdzf Content-Disposition: inline Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit the Plan 9 password is scrambled, into key not secret. secret is used for access to other systems. i don't think you must set it. it is in plain text because it's hard to say which particular scrambling algorithm, if any, will be used to talk to those other systems. --upas-chmtmqqthlmmifpkuobcxffdzf Content-Type: message/rfc822 Content-Disposition: inline Received: from mail.cse.psu.edu ([130.203.4.6]) by lavoro; Fri Jul 23 14:20:49 BST 2004 Received: from psuvax1.cse.psu.edu (localhost [127.0.0.1]) by mail.cse.psu.edu (CSE Mail Server) with ESMTP id 7C88C19FAB for ; Fri, 23 Jul 2004 09:18:41 -0400 (EDT) X-Original-To: 9fans@cse.psu.edu Delivered-To: 9fans@cse.psu.edu Received: from localhost (neuromancer.cse.psu.edu [130.203.4.2]) by mail.cse.psu.edu (CSE Mail Server) with ESMTP id D57DB19BF4 for <9fans@cse.psu.edu>; Fri, 23 Jul 2004 09:18:28 -0400 (EDT) Received: from mail.cse.psu.edu ([130.203.4.6]) by localhost (neuromancer [130.203.4.2]) (amavisd-new, port 10024) with LMTP id 04362-01-90 for <9fans@cse.psu.edu>; Fri, 23 Jul 2004 09:18:22 -0400 (EDT) Received: from aquamar.escet.urjc.es (plan9.escet.urjc.es [212.128.4.205]) by mail.cse.psu.edu (CSE Mail Server) with ESMTP id 7A64F19C56 for <9fans@cse.psu.edu>; Fri, 23 Jul 2004 09:18:22 -0400 (EDT) Received: from ronin.dat.escet.urjc.es ([193.147.71.93]) by aquamar; Fri Jul 23 15:18:16 MDT 2004 X-warning: suspect envelope domain X-warning: suspect From: domain From: Enrique Soriano Salvador To: Fans of the OS Plan 9 from Bell Labs <9fans@cse.psu.edu> Content-Type: text/plain Organization: Laboratorio de Sistemas, URJC Message-Id: <1090588496.13043.40.camel@ronin.dat.escet.urjc.es> Mime-Version: 1.0 X-Mailer: Ximian Evolution 1.4.6 Date: Fri, 23 Jul 2004 15:14:56 +0200 Content-Transfer-Encoding: 7bit X-Virus-Scanned: by amavisd-new at cse.psu.edu Subject: [9fans] plain passwords and keyfs X-BeenThere: 9fans@cse.psu.edu X-Mailman-Version: 2.1.5 Precedence: list Reply-To: esoriano@lsub.org, Fans of the OS Plan 9 from Bell Labs <9fans@cse.psu.edu> List-Id: Fans of the OS Plan 9 from Bell Labs <9fans.cse.psu.edu> List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: 9fans-bounces+forsyth=terzarima.net@cse.psu.edu Errors-To: 9fans-bounces+forsyth=terzarima.net@cse.psu.edu Why does keyfs serve the users password in plain text on the file /mnt/keys/user/secret ? I know that the man in front of the cpu/auth server is the only one that can see the users passwords... but it can be dangerous for users that have the same password for different systems (unix, win, plan9 ...) { I am changing my Unix passwords in this very moment, so nemo and gorka can now see my password-for-all in plain text!!! :) } As far as I know, in other systems (i.e. unix) the admin cannot see the users passwords (of course, he can try to crack the /etc/shadow file or to make other malicious acts) I am sure that there is a design related explanation for that... Thanks! Q. --upas-chmtmqqthlmmifpkuobcxffdzf--