pcat_private pointed out to me: > This could be good.. But this could be bad. Running on a system with out > the shadow password suite, then this would work very easily, > running on a machine with a shadow password suite, it would atleast > require the shadow file to be group writeable to the GID you run > the program as. Which in most cases, shadow passwords are never readable > to a regular users group, otherwise what is the point of the shadow suite? require the shadow file to be group READABLE.. Which again, it never should be group readable to average users. However a lot of machines have a group readable program, for programs like xlock, and other ones that don't need to run as root, but do need to read that file. > The good: If SSH had a remote BO, the only thing compromised is anything > in the group that /etc/shadow was r+w by. And another mistake, obviously, if the shadow file is r+w to the person who compromised it, they own the entire box. I don't know how I overlooked that statement. I meant g+r, so its group readable.. And as Alan cox pointed out.. It might mean more trouble for the user logged in that way, if it was being used in a legitimate way.. Because whoever owned the tty they are sitting on, could easily write to their term. Erik Parker eparkerat_private
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:55:19 PDT