Kuestner, Bjoern wrote on Monday, April 4, 2005:

>Keychain holds a lot of passwords for OS X users: Web site access, disk
>images, etc.
>
>Most users have only their default keychain which is protected by their
>login password.
>
>Where and how secure does OS X store login passwords?

In Panther: encrypted Shadowhash files. Pretty darn secure, because no one but root has access to the shadowhash files, making them impossible to crack using standard password guessing/hacking techniques.

>I understand OS X loads /etc/passwd into the netinfo DB.

/etc/passwd is never used for anything except single-user boot. During normal operation the file is ignored. /etc/passwd is never loaded into the NIDB (unless you use the command-line tools to do it yourself, which would be kind of pointless since it's empty). Read the comments in the file.

>Does OS X use the same standard "crypt" algorithm from traditional unix?

For passwords stored in the NIDB (i.e. passwords created on a pre-Panther system), then I believe the answer is yes. Passwords created, or updated, in Panther are stored in the Shadowhash using sha1 + salt.

>Is that really only 56-bit long as I read on several web pages on the
>subject?

Pre-Panther, yes. Panther and later, no.

>What good is then having sensitive data on the laptop within a 128-bit-key
>encrypted disk image?

Is that a rhetorical question? For data, 128 bit AES encryption is considered "strong" encryption.

<http://www.apple.com/macosx/features/security/>
<http://images.apple.com/macosx/pdf/Security_in_Mac_OS_X.pdf>

--
James Bucanek <mailto:privatereply at gloaming.com>