Quote:
Originally Posted by
SkySmart
yeah file permission setting is completely out of the equation since everyone has root here. that's out of my control. but what is under my control is making sure script is inoperable unless the proper password is written.
If everyone has root, then why bother? If everyone has root, any countermeasure can be undermined and neither security nor accountability are a priority.
So, obviously, this system is insecure. That may acceptable; we don't know any of the particulars. If you explain what you are to trying to accomplish, instead of asking how to implement what you think is the solution, we may be able to provide useful advice.
As it stands, what you have asked is nonsensical. How can you use the shadow file to defend against an attacker who has permission to modify the shadow file?
Regards,
Alister
P.S. With regard to authenticating using the shadow file, it can be done using whatever interfaces your system provides to login, nagios, etc (my UNIX doesn't have a shadow file).