It's the OS that looks at the userid database when ntop goes to shed root privileges, using setuid() and ilk.
-----Burton > -----Original Message----- > From: Nobody [mailto:[EMAIL PROTECTED] Behalf Of Kevin Croker > Sent: Monday, October 18, 2004 3:07 PM > To: <snip /> > Subject: /etc/shadow > > > Message body follows: > > (please reply to <snip />) > > ntop Admins - > > I don't have time to check the source right now, but my boss > loves your tool and wants me to put it on the L box, but I > won't put on anything that wants /etc/shadow for a reason I > can't divine. It obviously needs r00t to grab raw sockets, > but what does ntop want with /etc/shadow? > > Thanks! > Kevin Croker <snip /> _______________________________________________ Ntop-dev mailing list [EMAIL PROTECTED] http://listgateway.unipi.it/mailman/listinfo/ntop-dev
