Re: Shadow passwords and GNU su
In your email to me, Marek Michalkiewicz, you wrote:
>
> Christoph Lameter:
> > You have to Add all the Webserver I guess since they can authenticate
> > based on /etc/passwd. Also poppassd and the pop-clients.
>
> Are you sure about web servers? I thought they use their own
> authentication databases... I'd rather not run any web server
> as root, or even as group "shadow" (a simple misconfiguration
> can compromise the shadow password file).
Both Roxen and Apache can authenticate from /etc/passwd (getpwnam)
or NIS.
Tim
--
(work) sailer@bnl.gov / (home) tps@buoy.com - http://www.buoy.com/~tps
"Management decisions have no effect on the laws of physics."
-- anon
** Disclaimer: My views/comments/beliefs, as strange as they are, are my own.**
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-REQUEST@lists.debian.org . Trouble? e-mail to Bruce@Pixar.com
Reply to: