[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Shadow passwords and GNU su

In your email to me, Marek Michalkiewicz, you wrote:
> Christoph Lameter:
> > You have to Add all the Webserver I guess since they can authenticate
> > based on /etc/passwd. Also poppassd and the pop-clients.
> Are you sure about web servers?  I thought they use their own
> authentication databases...  I'd rather not run any web server
> as root, or even as group "shadow" (a simple misconfiguration
> can compromise the shadow password file).

Both Roxen and Apache can authenticate from /etc/passwd (getpwnam)
or NIS.


 (work) sailer@bnl.gov / (home) tps@buoy.com - http://www.buoy.com/~tps
       "Management decisions have no effect on the laws of physics."
          -- anon
** Disclaimer: My views/comments/beliefs, as strange as they are, are my own.**

TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-REQUEST@lists.debian.org . Trouble? e-mail to Bruce@Pixar.com

Reply to: