Re: radiusd-freeradius history and future

To: debian-devel@lists.debian.org
Cc: 155583@bugs.debian.org
Subject: Re: radiusd-freeradius history and future
From: Russell Coker <russell@coker.com.au>
Date: Thu, 13 Nov 2003 11:50:05 +1100
Message-id: <[🔎] 200311131150.05176.russell@coker.com.au>
Reply-to: russell@coker.com.au
In-reply-to: <[🔎] 20031113001555.GA9807@downhill.at.eu.org>
References: <20030111000253.29887.qmail@oak.oeko.net> <[🔎] 200311131043.58519.russell@coker.com.au> <[🔎] 20031113001555.GA9807@downhill.at.eu.org>

On Thu, 13 Nov 2003 11:15, Andreas Metzler <ametzler@downhill.at.eu.org> 
wrote:
> > Or do you have to be root for getpwnam() to work on NIS accounts?
>
> In certain NIS configurations you can only access the hashed password
> if your query to the NIS server comes from a privileged port <=1024,
> i.e. afaict yes.

This is so ugly.

Maybe we should have a debconf option for whether the program in question is 
to be SETUID root or SETGID shadow?  Then the minority of people who use NIS 
can have full functionality, while the majority of people who don't use NIS 
can have better security.

Reply to:

Follow-Ups:
- Re: radiusd-freeradius history and future
  - From: Henning Makholm <henning@makholm.net>
- Re: radiusd-freeradius history and future
  - From: Steve Langasek <vorlon@netexpress.net>
- Re: radiusd-freeradius history and future
  - From: Andreas Metzler <ametzler@downhill.at.eu.org>

References:
- Re: radiusd-freeradius history and future
  - From: Russell Coker <russell@coker.com.au>
- Re: radiusd-freeradius history and future
  - From: Andreas Metzler <ametzler@downhill.at.eu.org>

Prev by Date: Re: Bug#220401: ITP: linux-experimental -- Linux 2.4 kernel [EXPERIMENTAL PACKAGE]
Next by Date: Re: ftpmaster accepts packages that have been rejected a few days ago
Previous by thread: Re: radiusd-freeradius history and future
Next by thread: Re: radiusd-freeradius history and future
Index(es):
- Date
- Thread