Cores and Extras Heliotropic Computing

Monday Nov 03, 2008

User administration and password storage in Solaris is done in a fairly secure way. Before going into that topic, some basic background on user administration is required. A system administrator can use the useradd command to add a new user to the system. This command is commonly used in the following fashion:
# useradd -u uid -g gid -G gid1,gid2 -m -d homedirectory -s loginshell -c comment loginname
Here the -m option creates the home directory for that user if it doesn't exist; the comment normally contains the user's full name, etc.
Otherwise an administrator may choose to edit the /etc/passwd file to add a new user. He would then need to add a line to that file like:
loginname:x:UID:GID:comment:homedirectory:loginshell
and create a home directory manually. Either way, he then needs to set up a password for the user. The 'passwd' command is used to set or change a login password, in the form 'passwd username'.
All users of a system have read-only permission on the /etc/passwd file. That's why passwords are not stored there; only an 'x' appears in place of the password. Although passwords are stored in encrypted format, decryption software exists which may decrypt those passwords. Passwords are stored in the /etc/shadow file, which only the root user can read.
A user may use the passwd command to change his own login password, and the root user may use it to change the login password of any user. When the passwd command is used to change a password, it follows a series of steps. Here's the step-by-step description:

i) It asks for the old password. There are several reasons for this: first, authentication, and second, checking whether aging is sufficient.
ii) Then it asks for the new password. After one is entered, it checks the password constraints from /etc/default/passwd. The system administrator may change that file according to necessity and the required security. If the password fulfills all constraints, it asks for the new password again to confirm.
iii) Then it consults the passwd and passwd_compat entries in the /etc/nsswitch.conf file to determine where the update will be stored.

We have already discussed the /etc/passwd and /etc/shadow files. The /etc/shadow file holds entries created with information from /etc/passwd. Check out the man page of pwconv, the system administrator's command to install and update /etc/shadow with information from /etc/passwd.
The steps behind the passwd command discussed above are a bit different for the root user. For the root user there is no constraint on setting or changing a password, and it won't even ask for the old one.

To sum it all up, the system files behind the password storage are:
/etc/passwd
/etc/shadow
/etc/opasswd
/etc/oshadow
/etc/default/passwd

Check out 'man passwd' for a more detailed description.

When your shell script generates a temporary file, you must be very careful, as this is quite vulnerable to attack. Say you are using a shell script which creates temporary files in this insecure way:
sort /home/ritwik/filename > /tmp/temp.$$
This code generates a temporary file with the PID as a suffix, which helps an attacker guess the file names. Since the PID of your program will most likely be between 1 and 33000, if he creates 33000 symlinks one of them will definitely work. If an attacker creates a symlink with the guessed file name and points it to another file, say abc, then abc will be overwritten. If abc is an important system file, the system will suffer. At the least, if the attacker edits the contents of the temporary file (since all users have read and write permission in the /tmp directory), the program will produce wrong output.
Removing the symlink (you can do it with: rm -rf /tmp/temp.$$) won't be a good solution, as an attacker may recreate it before the sort command executes.
Solaris provides a much safer way to create temporary files with 'mktemp' (check out 'man mktemp'). As the man page suggests, you can create a temporary file securely in this way:

# mktemp prints the name of the file it created; empty output means failure
TMPFILE=`mktemp -t example.XXXXXX`
if [ -z "$TMPFILE" ]; then exit 1; fi
echo "program output" >> "$TMPFILE"

Here you place a run of X characters as the suffix; they are replaced by random characters, so the file name is pretty difficult to guess.
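The difference between the predictable name and the mktemp name, run inside a private sandbox directory (an added example, not from the original post; the function names, the sandbox layout and the file called important are constructed for illustration):

```shell
#!/bin/sh
# Added example. Everything happens inside a throwaway sandbox directory,
# so no real file in /tmp or elsewhere is touched.

# Build a sandbox holding an "important" file and a symlink that was
# planted at the predictable name temp.<PID> before the script writes.
make_sandbox() {
    sandbox=$(mktemp -d "${TMPDIR:-/tmp}/demo.XXXXXX") || return 1
    echo "original contents" > "$sandbox/important"
    ln -s "$sandbox/important" "$sandbox/temp.$$"
}

# Unsafe pattern from the post: write to temp.$$ with a plain redirect.
# The redirect follows the planted symlink and truncates the target.
demo_predictable() {
    make_sandbox || return 1
    echo "program output" > "$sandbox/temp.$$"
    cat "$sandbox/important"      # what the important file holds now
    rm -rf "$sandbox"
}

# Safe pattern: mktemp picks a random name and creates the file itself,
# failing instead of reusing a name that already exists.
demo_mktemp() {
    make_sandbox || return 1
    tmpfile=$(mktemp "$sandbox/temp.XXXXXX") || { rm -rf "$sandbox"; return 1; }
    echo "program output" > "$tmpfile"
    cat "$sandbox/important"      # untouched by the write above
    rm -rf "$sandbox"
}

echo "predictable name -> important holds: $(demo_predictable)"
echo "mktemp name      -> important holds: $(demo_mktemp)"
```
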

Now consider another situation, where you create a good number of temporary files in a shell script. Creating each file in the way shown above would be a pretty laborious job. 'mktemp' provides another option, to securely create a temporary directory in this way:

# -d creates a directory instead of a file; put the temporary files inside it
TMPDIR=`mktemp -d /usr/tmp/dir.XXXXXX`
if [ -z "$TMPDIR" ]; then exit 1; fi
echo "program output" >> "$TMPDIR/somefilename"

Here too you place a run of X characters as the suffix; they are replaced by random characters, so the directory name is pretty difficult to guess.