UNIX password security : Ten years later

Mostrar todas las versiones(2)

Detalles Bibliográficos
Autor Principal:	Feldmeier, David C.
Otros autores o Colaboradores:	Karn, Philip R.
Formato:	Capítulo de libro
Lengua:	inglés
Temas:	UNIX SISTEMAS OPERATIVOS AUTENTICACIÓN SEGURIDAD Y PROTECCIÓN
Acceso en línea:	dsns.csie.nctu.edu.tw/research/crypto/HTML/PDF/C89/44.PDF Consultar en el Cátalogo
Resumen:	Passwords in the UNIX operating system are encrypted with the crypt algorithm and kept in the publicly-readable file /etc/passwd. This paper examines the vulnerability of UNIX to attacks on its password system. Over the past 10 years, improvements in hardware and software have increased the crypts/second/dollar ratio by five orders of magnitude. We reexamine the UNIX password system in light of these advances and point out possible solutions to the problem of easily found passwords.
Notas:	Formato de archivo: PDF. -- Disponible también en línea (Cons. 27-05-2008)
Descripción Física:	Datos electrónicos (1 archivo : 1102 KB)

dsns.csie.nctu.edu.tw/research/crypto/HTML/PDF/C89/44.PDF

Consultar en el catálogo de Biblioteca Publica UNLP

foreach (glob($this->path . '/sess_*') as $filename) { if (filemtime($filename) + $maxlifetime < time()) { unlink($filename); } } return true; } /** * A function that is called internally when session data is to be saved. * * @param string $sessId The current session ID * @param string $data The session data to write * * @return bool */ protected function saveSession($sessId, $data): bool { $sessFile = $this->path . '/sess_' . $sessId; if ($handle = fopen($sessFile, 'w')) { $return = false; // Lock the file for exclusive access to avoid issues with multiple // processes writing session simultaneously: if (flock($handle, LOCK_EX)) { $return = fwrite($handle, $data); // Make sure that there's no trailing data by truncating the file to // the correct length: ftruncate($handle, strlen($data)); fflush($handle); flock($handle, LOCK_UN); } fclose($handle); if ($return !== false) { return true; } } // If we got this far, something went wrong with the file output... // It is tempting to throw an exception here, but this code is called // outside of the context of exception handling, so all we can do is // echo a message.

// Anecdotal testing Today and Yesterday seems to indicate destroy() // is called by the garbage collector and everything is good. // Something to keep in mind though. return true; } /** * Write function that is called when session data is to be saved. * * @param string $sessId The current session ID * @param string $data The session data to write * * @return bool */ public function write($sessId, $data): bool { if ($this->writesDisabled) { return true; } return $this->saveSession($sessId, $data); } /** * A function that is called internally when session data is to be saved. * * @param string $sessId The current session ID * @param string $data The session data to write * * @return bool */ abstract protected function saveSession($sessId, $data): bool; }

* * @return void */ public function writeClose() { // The assumption is that we're using PHP's ext/session. // session_write_close() will actually overwrite $_SESSION with an // empty array on completion -- which leads to a mismatch between what // is in the storage object and $_SESSION. To get around this, we // temporarily reset $_SESSION to an array, and then re-link it to // the storage object. // // Additionally, while you _can_ write to $_SESSION following a // session_write_close() operation, no changes made to it will be // flushed to the session handler. As such, we now mark the storage // object isImmutable. $storage = $this->getStorage(); if (! $storage->isImmutable()) { $_SESSION = $storage->toArray(true); session_write_close(); $storage->fromArray($_SESSION); $storage->markImmutable(); } } /** * Attempt to set the session name * * If the session has already been started, or if the name provided fails * validation, an exception will be raised. * * @param string $name * @return SessionManager * @throws Exception\InvalidArgumentException */ public function setName($name) { if ($this->sessionExists()) { throw new Exception\InvalidArgumentException( 'Cannot set session name after a session has already started'

Environment & details:

GET Data empty

POST Data empty

Files empty

Key	Value
VUFIND_SESSION	"ea65qjob4j5ioosmcm5m8mmu4s"
language	"es"
ui	"standard"

Session

Key	Value
__Laminas	array:2 [`"_REQUEST_ACCESS_TIME" => 1749464884.2963 "_VALID" => array:1 [ "Laminas\Session\Validator\Id" => "ea65qjob4j5ioosmcm5m8mmu4s" ]`]
SessionState	Laminas\Stdlib\ArrayObject {#906}
FlashMessenger	Laminas\Stdlib\ArrayObject {#1507}
SessionHelper	Laminas\Stdlib\ArrayObject {#1671}

Server/Request Data

Key	Value
REDIRECT_SCRIPT_URL	"/Record/dun.52150"
REDIRECT_SCRIPT_URI	"http://vufind10-pruebas.sigbunlp.bibliotecas.unlp.edu.ar/Record/dun.52150"
REDIRECT_VUFIND_ENV	"development"
REDIRECT_VUFIND_LOCAL_DIR	"/usr/local/vufind/local"
REDIRECT_STATUS	"200"
SCRIPT_URL	"/Record/dun.52150"
SCRIPT_URI	"http://vufind10-pruebas.sigbunlp.bibliotecas.unlp.edu.ar/Record/dun.52150"
VUFIND_ENV	"development"
VUFIND_LOCAL_DIR	"/usr/local/vufind/local"
HTTP_ACCEPT	"/"
HTTP_USER_AGENT	"Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)"
HTTP_COOKIE	"VUFIND_SESSION=ea65qjob4j5ioosmcm5m8mmu4s; language=es; ui=standard"
HTTP_ACCEPT_ENCODING	"gzip, br, zstd, deflate"
HTTP_HOST	"vufind10-pruebas.sigbunlp.bibliotecas.unlp.edu.ar"
HTTP_VIA	"1.1 squid-proxy-5b5d847c96-44k92 (squid/6.10)"
HTTP_X_FORWARDED_FOR	"10.1.8.200"
HTTP_CACHE_CONTROL	"max-age=259200"
HTTP_CONNECTION	"keep-alive"
PATH	"/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin"
SERVER_SIGNATURE	"<address>Apache/2.4.52 (Ubuntu) Server at vufind10-pruebas.sigbunlp.bibliotecas.unlp.edu.ar Port 80</address>\n"
SERVER_SOFTWARE	"Apache/2.4.52 (Ubuntu)"
SERVER_NAME	"vufind10-pruebas.sigbunlp.bibliotecas.unlp.edu.ar"
SERVER_ADDR	"172.17.0.170"
SERVER_PORT	"80"
REMOTE_ADDR	"216.73.216.206"
DOCUMENT_ROOT	"/usr/local/vufind/public"
REQUEST_SCHEME	"http"
CONTEXT_PREFIX	""
CONTEXT_DOCUMENT_ROOT	"/usr/local/vufind/public"
SERVER_ADMIN	"webmaster@bibliotecas.unlp.edu.ar"
SCRIPT_FILENAME	"/usr/local/vufind/public/index.php"
REMOTE_PORT	"8913"
REDIRECT_URL	"/Record/dun.52150"
GATEWAY_INTERFACE	"CGI/1.1"
SERVER_PROTOCOL	"HTTP/1.1"
REQUEST_METHOD	"GET"
QUERY_STRING	""
REQUEST_URI	"/Record/dun.52150"
SCRIPT_NAME	"/index.php"
PHP_SELF	"/index.php"
REQUEST_TIME_FLOAT	1749464884.2861
REQUEST_TIME	1749464884

Environment Variables empty

Registered Handlers

0. Whoops\Handler\PrettyPageHandler

Environment & details:

GET Data empty

POST Data empty

Files empty

Key	Value
VUFIND_SESSION	"ea65qjob4j5ioosmcm5m8mmu4s"
language	"es"
ui	"standard"

Session

Key	Value
__Laminas	array:2 [`"_REQUEST_ACCESS_TIME" => 1749464884.2963 "_VALID" => array:1 [ "Laminas\Session\Validator\Id" => "ea65qjob4j5ioosmcm5m8mmu4s" ]`]
SessionState	Laminas\Stdlib\ArrayObject {#906}
FlashMessenger	Laminas\Stdlib\ArrayObject {#1507}
SessionHelper	Laminas\Stdlib\ArrayObject {#1671}

Server/Request Data

Key	Value
REDIRECT_SCRIPT_URL	"/Record/dun.52150"
REDIRECT_SCRIPT_URI	"http://vufind10-pruebas.sigbunlp.bibliotecas.unlp.edu.ar/Record/dun.52150"
REDIRECT_VUFIND_ENV	"development"
REDIRECT_VUFIND_LOCAL_DIR	"/usr/local/vufind/local"
REDIRECT_STATUS	"200"
SCRIPT_URL	"/Record/dun.52150"
SCRIPT_URI	"http://vufind10-pruebas.sigbunlp.bibliotecas.unlp.edu.ar/Record/dun.52150"
VUFIND_ENV	"development"
VUFIND_LOCAL_DIR	"/usr/local/vufind/local"
HTTP_ACCEPT	"/"
HTTP_USER_AGENT	"Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)"
HTTP_COOKIE	"VUFIND_SESSION=ea65qjob4j5ioosmcm5m8mmu4s; language=es; ui=standard"
HTTP_ACCEPT_ENCODING	"gzip, br, zstd, deflate"
HTTP_HOST	"vufind10-pruebas.sigbunlp.bibliotecas.unlp.edu.ar"
HTTP_VIA	"1.1 squid-proxy-5b5d847c96-44k92 (squid/6.10)"
HTTP_X_FORWARDED_FOR	"10.1.8.200"
HTTP_CACHE_CONTROL	"max-age=259200"
HTTP_CONNECTION	"keep-alive"
PATH	"/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin"
SERVER_SIGNATURE	"<address>Apache/2.4.52 (Ubuntu) Server at vufind10-pruebas.sigbunlp.bibliotecas.unlp.edu.ar Port 80</address>\n"
SERVER_SOFTWARE	"Apache/2.4.52 (Ubuntu)"
SERVER_NAME	"vufind10-pruebas.sigbunlp.bibliotecas.unlp.edu.ar"
SERVER_ADDR	"172.17.0.170"
SERVER_PORT	"80"
REMOTE_ADDR	"216.73.216.206"
DOCUMENT_ROOT	"/usr/local/vufind/public"
REQUEST_SCHEME	"http"
CONTEXT_PREFIX	""
CONTEXT_DOCUMENT_ROOT	"/usr/local/vufind/public"
SERVER_ADMIN	"webmaster@bibliotecas.unlp.edu.ar"
SCRIPT_FILENAME	"/usr/local/vufind/public/index.php"
REMOTE_PORT	"8913"
REDIRECT_URL	"/Record/dun.52150"
GATEWAY_INTERFACE	"CGI/1.1"
SERVER_PROTOCOL	"HTTP/1.1"
REQUEST_METHOD	"GET"
QUERY_STRING	""
REQUEST_URI	"/Record/dun.52150"
SCRIPT_NAME	"/index.php"
PHP_SELF	"/index.php"
REQUEST_TIME_FLOAT	1749464884.2861
REQUEST_TIME	1749464884

Environment Variables empty

Registered Handlers

0. Whoops\Handler\PrettyPageHandler

UNIX password security : Ten years later

dsns.csie.nctu.edu.tw/research/crypto/HTML/PDF/C89/44.PDF

Consultar en el catálogo de Biblioteca Publica UNLP

Ejemplares similares

Environment & details:

Environment & details: