> On a server that you have shell access, you probably really need to add > 'passwd' to the 'suid partitiion'. You may need some other things, > on some of our servers, I have 'ping' as well.
it's not really necessary to have passwd setuid. you just can write a passwd server process and the passwd(8) just talks to this server via unix domain sockets. the server can use getpeereid(2) or a similar machanism to figure out the uid of the connecting user (dugsong has implemented this). similar things can be done for ping (just used fd passing to get a raw socket). _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
