I am feeling really stupid here.  If an unaudited user is on the system with
a malware program going anywhere and doing anything why would he bother
hijacking passwords?


---------------------------------------------------------
Booth Martin   http://www.MartinVT.com
Booth@MartinVT.com
---------------------------------------------------------

-------Original Message-------

From: midrange-l@midrange.com
Date: Thursday, October 24, 2002 12:05:11 PM
To: midrange-l@midrange.com
Subject: Re: Need to generate passwords

> Leif, where is this encrypted password file? Is it in a place where any

> user can read it?


no and yes.
Under normal circumstances you need special authorities to get at
this file ("table" would be a better description: QSYS/QSYUPTBL,
type=X'0EC5'), but there exist malware programs that can access
anything everywhere without the user needing special authority
and without auditing of his activity.


As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.