Subject: Re: [netatalk-admins] shared Logins on UNIX/Mac?
From: Osma Ahvenlampi (oa@spray.fi)
Date: Wed Aug 12 1998 - 09:25:39 EDT
Michael M Han <han@windy.ckm.ucsf.edu> writes:
> That's a laugh. MacOS more secure than UNIX. Pretty much every UNIX is
> minimally C2-classified (US Dept. of Defense rates OS security), as is
> NT and Netware. MacOS has never been tested and won't be until OS X
You can't DoD certify "UNIX". C2 certification only applies to
specific configurations right down to exact hardware make and model,
installed extra hardware, and the programs installed on the system.
NT 3.51 on a Compaq Proliant server (forget which one, but an old one)
is indeed C2 certified when not equipped with networking hardware. I
doubt there's much else off-the-shelf operating system software that
is (but I'm sure you can special-order such configurations from Sun or
Hewlett-Packard).
MacOS is sometimes called more secure than UNIX simply because it is
not a multi-user system, and offers no TCP/IP network services. On the
other hand, most UNIX installations offer a whole slew of them, all
enabled by default, and in unqualified hands, a UNIX system is very
difficult to keep secure. That's the price you pay for its
versatility. On the other hand, if you're actually looking for
something that can serve a network, and are able to configure all
parts of it correctly, well, MacOS won't do it.
> But in more technical terms, the MacOS-native encryption for passwords
> requires that the server know the *clear-text* form of the password.
> This is distinct from Unix or NT which one-way *hash* the password.
> When they receive passwords, they first hash them and then compare
This isn't quite true either. Perhaps a MacOS server does need to
store passwords in clear-text to avoid transmitting them over the
network (although I don't understand why that helps). UNIX passwords
are stored as one-way hash strings, and the server doesn't know the
real password. Comparison is done by hashing the incoming password and
seeing if the hashes match.
NT encrypted network passwords, on the other hand, _are_ hashed on
disk and not transmitted in the clear over the network. Unfortunately,
due to the authentication algorithm, the on-disk hash checksum of the
password is functionally equivalent to the clear-text password - if
you can get your hands on it, and if you can use modified client
software, you don't have to know the original clear-text password at
all. Guess why the password file is one of the strongest-protected
files in the NT registry..
In short: MacOS security, if the description above is correct, relies
on the server being uncompromised and the password file safe. NT
security depends on the same thing, adding some extra technical
difficulties to the would-be-cracker (but technical difficulties can
be overcome, and these aren't that difficult to overcome). UNIX
password security, on the other hand, is not necessarily compromised
if the password file is stolen (if all passwords in it are good, the
only feasible attack, the brute-force dictionary search, is not
feasible). It does, however, transmit passwords in cleartext, so it
really isn't good for anything but console logins or strongly
encrypted session protocols (like ssh, IMAP over SSL, or similar).
> passwords; it may encrypt them. But it would have to be a two-way
> encryption, meaning that it would be trivial to decrypt the passwords.
> A sufficiently large key and good implementation would thwart such
> attempts, but that would bring on questions of US Export laws
No two-way encryption scheme would help, because the decoding key
would have to be known by the server, and would be compromised along
with the password file itself. No shared-secret handshake (like the NT
authentication) is safe either, unless the passwords are one-time use
only (see S/KEY by Bellcore, or the equivalent algorithm described in
RFC 2289). Public-key authentication works, but requires that the user
carries her secret key with her in safe storage (the iButton, as
featured on the JavaRings, would be a good solution for that - see
www.ibutton.com).
Authentication isn't easy. ;)
> This can't be done. MacOS *does* encrypt passwords while they're on
> the wire. It uses what they call RandNum which involves the exchange
> of a random number which is hashed using the password as a key. The
Sounds like the NT authentication, and has the same drawbacks.
-- Ideas "off the top of the head" are like dandruff -- small and flaky. Osma Ahvenlampi <oa@spray.fi>
This archive was generated by hypermail 2b28 : Sat Dec 18 1999 - 16:33:04 EST