Re: Shadow passwords and GNU su

To: marekm@i17linuxb.ists.pwr.wroc.pl (Marek Michalkiewicz)
Cc: clameter@waterf.org, tom@lpsg.demon.co.uk, debian-devel@lists.debian.org
Subject: Re: Shadow passwords and GNU su
From: sailer@sun10.sep.bnl.gov (Tim Sailer)
Date: Tue, 10 Dec 1996 12:11:23 -0500 (EST)
Message-id: <[🔎] 9612101711.AA07404@sun10.sep.bnl.gov.sep>
In-reply-to: <[🔎] m0vXVTZ-0007t7C@i17linuxb.ists.pwr.wroc.pl> from "Marek Michalkiewicz" at Dec 10, 96 05:56:12 pm

In your email to me, Marek Michalkiewicz, you wrote:
> 
> Christoph Lameter:
> > You have to Add all the Webserver I guess since they can authenticate
> > based on /etc/passwd. Also poppassd and the pop-clients.
> 
> Are you sure about web servers?  I thought they use their own
> authentication databases...  I'd rather not run any web server
> as root, or even as group "shadow" (a simple misconfiguration
> can compromise the shadow password file).

Both Roxen and Apache can authenticate from /etc/passwd (getpwnam)
or NIS.

Tim

-- 
 (work) sailer@bnl.gov / (home) tps@buoy.com - http://www.buoy.com/~tps
       "Management decisions have no effect on the laws of physics."
          -- anon
** Disclaimer: My views/comments/beliefs, as strange as they are, are my own.**


--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-REQUEST@lists.debian.org . Trouble? e-mail to Bruce@Pixar.com

Reply to:

References:
- Re: Shadow passwords and GNU su
  - From: marekm@i17linuxb.ists.pwr.wroc.pl (Marek Michalkiewicz)

Prev by Date: Re: More on shadow passwords
Next by Date: Re: Maintainer change
Previous by thread: Re: Shadow passwords and GNU su
Next by thread: Re: Shadow passwords and GNU su
Index(es):
- Date
- Thread