Janto Trappe <[EMAIL PROTECTED]> wrote: > In der Manpage fuer unix_chkpwd steht:
> This program is not intended to be called directly by > users and will log to syslog if it is calledimporperly > (i.e., by some one trying exploit it). > Warum ist bei potato unix_chkpwd setuid root wenn es a) in /sbin/ > liegt und b) sowieso nicht von usern ausgefuehrt werden soll? > Bugreport? Nein. |-----------/usr/doc/libpam-doc/txt/pam.txt.gz | A helper binary, unix_chkpwd, is provided to check the user's | password when it is stored in a read protected database. This | binary is very simple and will only check the password of the | user invoking it. It is called transparently on behalf of the | user by the authenticating component of this module. In this | way it is possible for applications like xlock to work without | being setuid-root. |--------------------------- cu andreas -- Uptime: 10 seconds load average: 0.00, 0.00, 0.00 vim:ls=2:stl=***\ Sing\ a\ song.\ *** -- ----------------------------------------------------------- Um sich aus der Liste auszutragen schicken Sie bitte eine E-Mail an [EMAIL PROTECTED] die im Subject "unsubscribe <deine_email_adresse>" enthaelt. Bei Problemen bitte eine Mail an: [EMAIL PROTECTED] ----------------------------------------------------------- 839 eingetragene Mitglieder in dieser Liste.