Because we have 1500+ users which are added every semester and EVERYONE needs to be able to read it. There are three different levels of access which are determined upon startup by which group you are in (nothing special, worker, or manager). The access is software enforced and what we want is to make it so normal users cannot read the password file. If they could, they'd be able to just login to the DB and issue commands, viewing information about other users which they should not be able to view.
Jeff Shipman E-Mail: [EMAIL PROTECTED] Systems Programmer Phone: (505) 835-5748 NMIMT Computer Center http://www.nmt.edu/~jeff On 21 Feb 2002, Sven Neumann wrote: } Hi, } } Jeff Shipman - SysProg <[EMAIL PROTECTED]> writes: } } > I have a situation where I am using GTK as } > a frontend for a databse we have. Everything } > is fine except for the fact that I want to } > keep the database password secure. I do } > not want to store it in the program for } > obvious reasons so I thought I would save } > it in an external file and have the program } > read it on startup. The only decent way that } > I know of to do this have a special user } > which can read the file and have the program } > setuid to run as that user. However, gtk } > doesn't like being run setuid. } } If you make your GTK+ app run setuid you can as well make the passwd } file readable by everyone. How about making the file readable by } members of a special group and add authorized users to that group ? } } } Salut, Sven } _______________________________________________ gtk-list mailing list [EMAIL PROTECTED] http://mail.gnome.org/mailman/listinfo/gtk-list
