Password Hashes
John D Blair
jdblair at cobaltnet.com
Sun Aug 30 16:44:32 GMT 1998
DetlefEnge at aol.com wrote:
>
> In einer eMail vom 30.08.98 05:55:16 (MEZ) - Mitteleurop. Sommerzeit schreibt
> samba at samba.anu.edu.au:
>
> << # export SMBPASSWD='mypasswd'
> # gethash
> 74AC99CA40DED4204A3B108F3FA6CB6D:F671043BA08E88500D2EB5279AC65E53 >>
>
> This is nice. Every other user on the system can see that hash with ps. I
> would not call that extended security.
That depends on the OS. Linux does not allow you to view the
environment for a process unless you are the process owner or root, thus
this works for me. Other versions of UNIX differ in this behavior.
Your milage my vary. For example:
[jdblair at buddha mini]$ ps auxewww | grep httpd
nobody 1838 0.0 1.2 1432 780 ? S 11:44 0:00 httpd
nobody 1840 0.0 1.4 1556 924 ? S 11:44 0:00 httpd
root 1835 0.3 1.4 1556 924 ? S 11:44 0:00 httpd
root 1837 0.0 1.2 1428 772 ? S 11:44 0:00 httpd
[jdblair at buddha mini]$ ps auxewww | grep grep
jdblair 1849 0.0 0.5 844 340 p6 S 11:44 0:00 grep grep
USERNAME= ENV=/home/jdblair/.bashrc HISTSIZE=1000 HOSTNAME=buddha
LOGNAME=jdblair HISTFILESIZE=1000 MAIL=/var/spool/mail/jdblair
TERMCAP=xterm|vs100|xterm terminal emulator (X11R6 Window
System):am:km:mi:ms:xn:xo:co#80:it#8:li#24:AL=\E[%dL:DC=\E[%dP:D
I should have mentioned this in the original post.
-john.
---------------------------------------------------------------------
John D. Blair jdblair at cobaltnet.com
Software Engineer, Cobalt Networks Inc. http://www.cobaltnet.com
---------------------------------------------------------------------
More information about the samba
mailing list