Re: non-root password lookups?

To: Debian Mentorslist <debian-mentors@lists.debian.org>
Subject: Re: non-root password lookups?
From: martin@internet-treff.uni-koeln.de (Martin Bialasinski)
Date: 18 Jan 1999 10:36:35 +0100
Message-id: <[🔎] m102B6p-0003iCC@haitech.martin.home>
In-reply-to: Chris Leishman's message of "Mon, 18 Jan 1999 14:48:28 +1100"
References: <[🔎] 19990118115900.A1572@ormond.unimelb.edu.au> <Pine.LNX.4.05.9901171934340.4421-100000@peace.netnation.com> <[🔎] 19990118144828.A2250@ormond.unimelb.edu.au>

>> "CL" == Chris Leishman <masklin@debian.org> writes:

CL> On Sun, Jan 17, 1999 at 07:37:05PM -0800, R Garth Wood wrote:
>> On Mon, 18 Jan 1999, Chris Leishman wrote:
>> 

>> > The main problem, however, is that it needs to validate the
>> people connecting, > thus needs to check username/password (like
>> pop).  Is there a way to do this > and still avoid using root
>> privileges for the daemon?

>> 
>> The passwd file is in the shadow group so you could run it sgid.

CL> I guess this is a way, but I was hoping there might be some sort
CL> of suid program or syscall that I can use to interface between me
CL> and the shadow file.

What use would shadow passwords have, if a unprivileged user can query 
them?

I heared on Solaris you have a daemon, which takes username/password
and tells you if the combination is OK.

This could be of some use in Linux as well.

Ciao,
	Martin

Reply to:

Follow-Ups:
- Re: non-root password lookups?
  - From: Chris <chris@ormond.unimelb.edu.au>

References:
- non-root password lookups?
  - From: Chris Leishman <masklin@debian.org>
- Re: non-root password lookups?
  - From: Chris Leishman <masklin@debian.org>

Prev by Date: Re: Lintian error: executable-in-usr-doc
Next by Date: need to replace .orig.tar.gz
Previous by thread: Re: non-root password lookups?
Next by thread: Re: non-root password lookups?
Index(es):
- Date
- Thread