Table of Contents
Advertisement
At this point, because each user's default umask is 002, all members of the
create and edit files in the
having to change file permissions every time users write new files.
5. Shadow Passwords
In multiuser environments it is very important to use shadow passwords (provided by the
package). Doing so enhances the security of system authentication files. For this
shadow-utils
reason, the installation program enables shadow passwords by default.
The following lists the advantages pf shadow passwords have over the traditional way of storing
passwords on UNIX-based systems:
• Improves system security by moving encrypted password hashes from the world-readable
file to
/etc/passwd
• Stores information about password aging.
• Allows the use the
/etc/login.defs
Most utilities provided by the
passwords are enabled. However, since password aging information is stored exclusively in the
file, any commands which create or modify password aging information do not
/etc/shadow
work.
The following is a list of commands which do not work without first enabling shadow passwords:
•
chage
•
gpasswd
•
/usr/sbin/usermod-e
•
/usr/sbin/useradd-e
6. Additional Resources
For more information about users and groups, and tools to manage them, refer to the following
resources.
6.1. Installed Documentation
• Related man pages — There are a number of man pages for the various applications and
configuration files involved with managing users and groups. Some of the more important
man pages have been listed here:
/usr/lib/emacs/site-lisp/
, which is readable only by the root user.
/etc/shadow
file to enforce security policies.
shadow-utils
or
options
-f
or
options
-f
directory without the administrator
package work properly whether or not shadow
Shadow Passwords
group can
emacs
95
Advertisement
Table of Contents
