On Thu, 13 Nov 2003 11:15, Andreas Metzler <[EMAIL PROTECTED]> wrote: > > Or do you have to be root for getpwnam() to work on NIS accounts? > > In certain NIS configurations you can only access the hashed password > if your query to the NIS server comes from a privileged port <=1024, > i.e. afaict yes.
This is so ugly. Maybe we should have a debconf option for whether the program in question is to be SETUID root or SETGID shadow? Then the minority of people who use NIS can have full functionality, while the majority of people who don't use NIS can have better security.
