Posted Mar 26, 2012 10:31 UTC (Mon) by migpc (guest, #24484)
Parent article: Shadow hardening
The proposal of having user's local password in a separate folder per user is very interesting. However, the locations suggested /etc/tcb or /etc/hardened-shadow are machine related, not user related; and passwords are user related. Wouldn't make sense to have passwords stored in a secured folder under user's home directory (like /home/linus/.shadow/)?. This would ease a lot machine migrations, backups and even local validation using shared directories.