[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[leafnode-list] Question regarding authentification

While dealing with Mark Brown's authinfo patch, I wrote an extension for
the nntpd which allows authinfo based on the contents of /etc/passwd and
/etc/shadow -- or so I thought. Obviously, the nntpd cannot access the
shadowed password file since it does not run as the superuser but as
user "news" instead. Therefore, I am curious as to what your opinion is.
I see at least the following possibilities:

1) Ignoring authentification based on /etc/shadow

2) Let the nntpd run on UID (or GID) 0

3) Have an own user/password file which is readable by news:news

What do you think?


/* Cornelius Krasel, U Wuerzburg, Dept. of Pharmacology, Versbacher Str. 9 */
/* D-97078 Wuerzburg, Germany   email: phak004@xxxxxxxxxxxxxxxxxxxxxx  SP4 */
/* "Science is the game we play with God to find out what His rules are."  */

leafnode-list@xxxxxxxxxxxxxxxxxxxxxxxxxxxx -- mailing list for leafnode
To unsubscribe, send mail with "unsubscribe" in the subject to the list