Re: radiusd-freeradius history and future
On Thu, 13 Nov 2003 11:15, Andreas Metzler <ametzler@downhill.at.eu.org>
wrote:
> > Or do you have to be root for getpwnam() to work on NIS accounts?
>
> In certain NIS configurations you can only access the hashed password
> if your query to the NIS server comes from a privileged port <=1024,
> i.e. afaict yes.
This is so ugly.
Maybe we should have a debconf option for whether the program in question is
to be SETUID root or SETGID shadow? Then the minority of people who use NIS
can have full functionality, while the majority of people who don't use NIS
can have better security.
Reply to: