[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [leafnode-list] Question regarding authentification

Cornelius Krasel <krasel@xxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
: Michael Faurot wrote:

:> Why not write a seperate SUID program that could be called by nntpd.

: I don't think this is a good idea because it overrides the additional
: security provided by /etc/shadow. Any other program will be able to
: call this suid program as well, and therefore there is no point in
: using /etc/shadow any more.

In essense, it would be a rework of the passwd program.  As for "any
other program" that's what permissions are for.  Set the perms to 4750
and owned by user root, group news.

 Michael | mfaurot  | %DCL-MEM-BAD, bad memory VMS-F-PDGERS, pudding between
 Faurot  | atww.org | the ears

leafnode-list@xxxxxxxxxxxxxxxxxxxxxxxxxxxx -- mailing list for leafnode
To unsubscribe, send mail with "unsubscribe" in the subject to the list