-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 21 Dec 99, at 20:36, bert hubert wrote:
> You probably have shadow passwords. These cannot be read by any user but
> root. This means that checkpassword needs to be 'set user id root', suid
> root for short. Try this:
>
> chown root:root /bin/checkpassword
> chmod +s /bin/checkpassword
Huh? Since checkpassword runs as root anyway (that's who
spawns it), it doesn't needs suid root. Plus, noone else should be
running checkpassword (unless you are inviting everyone to a
dictionary attack against passwords). In other words, DON'T EVER
DO THAT!
-----BEGIN PGP SIGNATURE-----
Version: PGP 6.0.2 -- QDPGP 2.60
Comment: http://community.wow.net/grt/qdpgp.html
iQA/AwUBOGCajVMwP8g7qbw/EQK+QwCeORD2HfIXMKb15jpPiRwaUWuFz2cAoKNu
eitdAeSF8Lum22w374d68yLy
=Q6bR
-----END PGP SIGNATURE-----
--
Petr Novotny, ANTEK CS
[EMAIL PROTECTED]
http://www.antek.cz
PGP key ID: 0x3BA9BC3F
-- Don't you know there ain't no devil there's just God when he's drunk.
[Tom Waits]
