Re: Bug #23053 (was Re: fix for frozen)
On Fri, Jun 05, 1998 at 04:01:08PM +0200, Turbo Fredriksson wrote:
> > Now correct me if I'm wrong... but a package shouldn't go messing with
> > permissions of files that are so important without the user saying "I
> > want this". True?
> Right! My fault (or maybe Linux/Linus, I don't know. If I, as root, modifies/creates
> a file, I, and my primary group will own this file. True?
[snippety]
> > This in addition to the fact that xadmin doesn't create
> > /etc/shadow and therefore doesn't own it. (Note that this especially includes
> > any attempt to directly modify the files, say in order to add or delete an
> > account. newusers, adduser or useradd should be used for this purpose.)
> That was exactly what happens! I, as root is adding/creating/deleting (etc) a user,
> the program xAdmin is therefor run by root, therefor /etc/shadow will be owned by
> root.root, True?
You misunderstood the word "own". Think "belonging to a package", as
in "I shouldn't go around mucking /etc/inetd.conf because it is not
owned by me -- so I'll use update-inetd.
> The fix is simple:
> chown("/etc/shadow", "root", "group");
Somehow I feel this code might not do proper locking etc. Don't trust
a multi-thousand user system on it..
--
tv-nospam-sig-1@hq.yok.utu.fi - it's a valid address w/o spam
--
To UNSUBSCRIBE, email to debian-mentors-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: