SYSKEY2. Request For Comments
Phil Mayers
p.mayers at ic.ac.uk
Fri Feb 4 19:34:43 GMT 2000
I'm afraid I agree. If you don't trust root, then you're screwed. If
someones get a root shell on the machine, you're deader than courdroy.
They can essentially do anything, hence it adds no real security, just
puts another step in the way.
Cheers,
Phil
jeremy at valinux.com wrote:
>
> > i am looking to implement an equivalent mechanism to SYSKEY, however i do
> > not have the relevant security skills to say whether a proposal is secure
> > or not.
>
> Why ? SYSKEY is a silly idea !
>
> Either you trust root, or you don't.
>
> If you don't trust root, then all the SYSKEY in
> the world doesn't help. If you do trust root, then
> why not let them see the hashed passwords ?
>
> Don't give me any "it improves security" crap,
> as it doesn't (unless you store the key off
> machine - on a floppy disk needed on machine boot).
>
> This is the same issue kerberos has.
>
> There is no need to complicate all our code with
> this stuff, it doesn't even add any security !
>
> What does everyone else think ? I don't want you
> to implement it - it's just a *bad* idea.
>
> Jeremy.
More information about the samba-ntdom
mailing list