On 05 Jun 2002 22:42:16 +0200 [EMAIL PROTECTED] (Niels Möller) wrote: > Niklas Söderlund <[EMAIL PROTECTED]> writes: > > > Yup, but since /bin/login is suid:ed as root, > > There's no reason /bin/login need to be setuid root on the Hurd. > > Why not? You tell login your name and passwd. login sends them to the > passwd server. If they are correct, the passwd server replies with an > auth-token corresponding to your uid, so that login can spawn a login > shell for you. > > > it should be harmless to do chmod 640 /etc/passwd? > > A lot of programs break if /etc/passwd isn't readable. For a start, > all programs that want to convert between user names and numerical > uids. > > PS. I'm not sure about how groups etc are set up. Is that also the > responsibility of passwd? > > PPS. On the only Hurd system I have access to, /usr/bin/login is > actually setuid root. I hope that's a bug. > > /Niels > hm, yes youre right. I didn't know it uses the password-server.. So, how do i solve this problem? I'd like to keep the login-account, without komprimising security.
yop, both /bin/login and /usr/bin/login is setuid root. I'll see what happens if i remove the setuid-bit.. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
