[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [leafnode-list] Question regarding authentification

Cornelius Krasel <krasel@xxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
: While dealing with Mark Brown's authinfo patch, I wrote an extension for
: the nntpd which allows authinfo based on the contents of /etc/passwd and
: /etc/shadow -- or so I thought. Obviously, the nntpd cannot access the
: shadowed password file since it does not run as the superuser but as
: user "news" instead. Therefore, I am curious as to what your opinion is.
: I see at least the following possibilities:

: 1) Ignoring authentification based on /etc/shadow

: 2) Let the nntpd run on UID (or GID) 0

: 3) Have an own user/password file which is readable by news:news

: What do you think?

Why not write a seperate SUID program that could be called by nntpd.
Then have nntpd simply pass the user name and password to it, and then
let the SUID program simply return an appropriate exit code to signify
whether the username and password were good.

 Michael | mfaurot  | Justice, n.:
 Faurot  | atww.org | 	A decision in your favor.

leafnode-list@xxxxxxxxxxxxxxxxxxxxxxxxxxxx -- mailing list for leafnode
To unsubscribe, send mail with "unsubscribe" in the subject to the list