
Re: [leafnode-list] Question regarding authentification



Cornelius Krasel <krasel@xxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
: While dealing with Mark Brown's authinfo patch, I wrote an extension for
: the nntpd which allows authinfo based on the contents of /etc/passwd and
: /etc/shadow -- or so I thought. Obviously, the nntpd cannot access the
: shadowed password file since it does not run as the superuser but as
: user "news" instead. Therefore, I am curious as to what your opinion is.
: I see at least the following possibilities:

: 1) Ignoring authentification based on /etc/shadow

: 2) Let the nntpd run on UID (or GID) 0

: 3) Have an own user/password file which is readable by news:news

: What do you think?

Why not write a separate SUID program that could be called by nntpd?
Then have nntpd simply pass the user name and password to it, and then
let the SUID program simply return an appropriate exit code to signify
whether the username and password were good.

-- 
------------------------------------------------------------------------------
 Michael | mfaurot  | Justice, n.:
 Faurot  | atww.org | 	A decision in your favor.

-- 
leafnode-list@xxxxxxxxxxxxxxxxxxxxxxxxxxxx -- mailing list for leafnode
To unsubscribe, send mail with "unsubscribe" in the subject to the list
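
The nntpd side of the helper approach suggested in the reply, as an added example that is not part of the original message or of leafnode's code. The function name `helper_accepts` and the stdin format (user name on the first line, password on the second) are assumptions; the message specifies only that nntpd passes the two values and reads the exit code.

```c
/* Added example: caller for a hypothetical setuid password-check helper. */
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Returns 1 only when the helper exits with status 0; every error denies. */
int helper_accepts(char *const argv[], const char *user, const char *pass)
{
    char msg[512];
    int fds[2], status, n, sent;
    pid_t pid;
    void (*old)(int);

    /* A CR or LF inside a field would let a client forge the second line. */
    if (!*user || strpbrk(user, "\r\n") || strpbrk(pass, "\r\n"))
        return 0;
    n = snprintf(msg, sizeof msg, "%s\n%s\n", user, pass);
    if (n < 0 || (size_t)n >= sizeof msg || pipe(fds) != 0)
        return 0;

    pid = fork();
    if (pid < 0) {
        close(fds[0]); close(fds[1]);
        return 0;
    }
    if (pid == 0) {
        /* Child: credentials arrive on stdin, never in argv (visible in ps). */
        char *const envp[] = { "PATH=/usr/bin:/bin", NULL };
        close(fds[1]);
        if (fds[0] != STDIN_FILENO &&
            (dup2(fds[0], STDIN_FILENO) < 0 || close(fds[0]) != 0))
            _exit(127);
        execve(argv[0], argv, envp);   /* fixed, minimal environment */
        _exit(127);                    /* exec failed: counts as a denial */
    }

    close(fds[0]);
    old = signal(SIGPIPE, SIG_IGN);    /* helper may exit before reading */
    sent = write(fds[1], msg, (size_t)n) == (ssize_t)n;
    close(fds[1]);
    signal(SIGPIPE, old);

    /* Death by signal, a nonzero status or a failed wait all mean "denied". */
    if (waitpid(pid, &status, 0) != pid)
        return 0;
    return sent && WIFEXITED(status) && WEXITSTATUS(status) == 0;
}
```

The helper itself would be the only setuid component; nntpd stays unprivileged as user "news" and treats anything other than a clean exit status 0 as a failed login.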