On Tue, Dec 21, 1999 at 08:40:06PM +0100, bert hubert wrote:
> On Tue, Dec 21, 1999 at 08:36:07PM +0100, bert hubert wrote:
>
> > You probably have shadow passwords. These cannot be read by any user but
> > root. This means that checkpassword needs to be 'set user id root', suid
> > root for short. Try this:
> >
> > chown root:root /bin/checkpassword
> > chmod +s /bin/checkpassword
>
> DO NOT DO THIS. Sorry. Braino on my part. checkpassword needs to be invoked
> by root, it should not be suid.
And, as ahu and I discussed on irc, a suid checkpassword is just a /bin/su
with a difficult interface and no logging :)
Greetz, Peter.
--
Peter van Dijk - student/sysadmin/ircoper/womanizer/pretending coder
|
| 'C makes it easy to shoot yourself in the foot;
| C++ makes it harder, but when you do it blows your whole leg off.'
| Bjarne Stroustrup, Inventor of C++
