[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Shadow passwords and GNU su

On Tue, 10 Dec 1996, Marek Michalkiewicz wrote:

marekm >Are you sure about web servers?  I thought they use their own
marekm >authentication databases...  I'd rather not run any web server
marekm >as root, or even as group "shadow" (a simple misconfiguration
marekm >can compromise the shadow password file).

The authentication databases are compatible with /etc/passwd. We use our
/etc/passwd for authentication for webpages which have restricted access.
We do not run servers as root. The authentication is only for access to

marekm >This _was_ a long list, but most of the work is already done...
I have seen some of it.

--- +++ --- +++ --- +++ --- +++ --- +++ --- +++ --- +++ ---
PGP Public Key  =  FB 9B 31 21 04 1E 3A 33  C7 62 2F C0 CD 81 CA B5 

TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-REQUEST@lists.debian.org . Trouble? e-mail to Bruce@Pixar.com

Reply to: