[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: non-root password lookups?

>> "CL" == Chris Leishman <masklin@debian.org> writes:

CL> On Sun, Jan 17, 1999 at 07:37:05PM -0800, R Garth Wood wrote:
>> On Mon, 18 Jan 1999, Chris Leishman wrote:

>> > The main problem, however, is that it needs to validate the
>> people connecting, > thus needs to check username/password (like
>> pop).  Is there a way to do this > and still avoid using root
>> privileges for the daemon?

>> The passwd file is in the shadow group so you could run it sgid.
CL> I guess this is a way, but I was hoping there might be some sort
CL> of suid program or syscall that I can use to interface between me
CL> and the shadow file.

What use would shadow passwords have, if a unprivileged user can query 

I heared on Solaris you have a daemon, which takes username/password
and tells you if the combination is OK.

This could be of some use in Linux as well.


Reply to: