summaryrefslogtreecommitdiff
path: root/shadow/shadow.h
diff options
context:
space:
mode:
Diffstat (limited to 'shadow/shadow.h')
-rw-r--r--shadow/shadow.h16
1 files changed, 10 insertions, 6 deletions
diff --git a/shadow/shadow.h b/shadow/shadow.h
index 6f3a570e4b..351882e448 100644
--- a/shadow/shadow.h
+++ b/shadow/shadow.h
@@ -15,7 +15,11 @@
License along with the GNU C Library; if not, see
<http://www.gnu.org/licenses/>. */
-/* Declaration of types and functions for shadow password suite. */
+/* Declaration of types and functions for "shadow" storage of hashed
+ passphrases. The shadow database is like the user database, but is
+ only accessible with special privileges, so that malicious users
+ cannot retrieve everyone else's hashed passphrase to brute-force at
+ their convenience. */
#ifndef _SHADOW_H
#define _SHADOW_H 1
@@ -35,11 +39,11 @@
__BEGIN_DECLS
-/* Structure of the password file. */
+/* A record in the shadow database. */
struct spwd
{
char *sp_namp; /* Login name. */
- char *sp_pwdp; /* Encrypted password. */
+ char *sp_pwdp; /* Hashed passphrase. */
long int sp_lstchg; /* Date of last change. */
long int sp_min; /* Minimum number of days between changes. */
long int sp_max; /* Maximum number of days between changes. */
@@ -101,7 +105,7 @@ extern struct spwd *sgetspent (const char *__string);
therefore not marked with __THROW. */
extern struct spwd *fgetspent (FILE *__stream);
-/* Write line containing shadow password entry to stream.
+/* Write line containing shadow entry to stream.
This function is not part of POSIX and therefore no official
cancellation point. But due to similarity with an POSIX interface
@@ -137,10 +141,10 @@ extern int fgetspent_r (FILE *__stream, struct spwd *__result_buf,
/* The simple locking functionality provided here is not suitable for
multi-threaded applications. */
-/* Protect password file against multi writers. */
+/* Request exclusive access to /etc/passwd and /etc/shadow. */
extern int lckpwdf (void) __THROW;
-/* Unlock password file. */
+/* Release exclusive access to /etc/passwd and /etc/shadow. */
extern int ulckpwdf (void) __THROW;
__END_DECLS