
Re: Shadow passwords and GNU su



Christoph Lameter:
> Note that the webserver behavior is quite customary for a lot of
> other apps as well. They all rely on the standard UNIX /etc/passwd layout.

Which apps are you referring to?  Most programs that do authentication
already run as root anyway (to be able to become the user), others
(such as xlock) are setuid root, but they get the user's encrypted
password at startup, and then do setuid(getuid()) as soon as possible.

> Perhaps we can work out something to make those applications work?

One possibility is to have a small setuid root program to do the
authentication, log failures etc. and run it from the unprivileged
application.

Marek
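
The xlock-style pattern described above (read the user's encrypted password while still root, then setuid(getuid())), as an added example that is not part of the original message and not xlock's code. The function names are hypothetical, and glibc's `<shadow.h>` is assumed.

```c
#include <pwd.h>
#include <shadow.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Step 1 (still privileged): copy the invoking user's password hash.
 * Returns 0 on success, -1 if no entry fits or could be read. */
int fetch_own_hash(char *out, size_t outlen)
{
    struct passwd *pw = getpwuid(getuid());   /* real uid = invoking user */
    if (pw == NULL)
        return -1;
    struct spwd *sp = getspnam(pw->pw_name);  /* NULL without shadow access */
    const char *hash = sp ? sp->sp_pwdp : pw->pw_passwd;
    if (hash == NULL || strlen(hash) >= outlen)
        return -1;
    strcpy(out, hash);
    return 0;
}

/* Step 2: give up root for good. Returns 0 only if the drop is verified. */
int drop_privileges(void)
{
    uid_t ruid = getuid();
    gid_t rgid = getgid();

    if (setgid(rgid) != 0)   /* group first; after setuid() it would fail */
        return -1;
    if (setuid(ruid) != 0)   /* as root: sets real, effective and saved uid */
        return -1;
    if (geteuid() != ruid || getegid() != rgid)
        return -1;
    if (ruid != 0 && setuid(0) == 0)   /* root must not be recoverable */
        return -1;
    return 0;
}

int main(void)
{
    char hash[256];
    int have_hash = fetch_own_hash(hash, sizeof hash) == 0;
    if (drop_privileges() != 0)
        return 1;            /* refuse to continue with root still held */
    /* Unprivileged from here; an unlock would crypt(3) the typed password
     * and compare it against the saved hash. */
    printf("hash %s, euid %d\n", have_hash ? "loaded" : "unavailable", (int)geteuid());
    return 0;
}
```

Run without the setuid bit, the program reports the hash as whatever `/etc/passwd` holds (usually the placeholder `x`), which is the shadow-password behaviour the thread is about.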

