I would suggest you find a different form of authentation. Among other problems, you would be running your webserver or application with higher privileges to access /etc/shadow. If you must allow access as determined by system accounts, perhaps consider spawning a copy of /etc/shadow first.