Wouter Verhelst, on Tue 08 Mar 2005 17:03:11 +0100, wrote:
> On Sat, 05-03-2005 at 22:56 -0800, Matt Zimmerman wrote:
> > On Sat, Mar 05, 2005 at 03:34:58PM +0100, Christian Perrier wrote:
> >
> > > Security and release teams, may I have your advice about this suggestion?
> > >
> > > As you may know, I currently act as maintainer for the shadow package,
> > > but I'm also aware of my own weaknesses when it comes to security (and
> > > security-related) issues so I prefer getting the advice of more
> > > competent people.
> > >
> > > Given that installing login non setuid has been blessed for Ubuntu,
> > > I'm inclined to follow the suggestion, but doing so close to a release
> > > is maybe not wise.....so I'm seeking advice..:-)
> >
> > FWIW, We've been doing this for some time in Ubuntu, and no one has missed
> > it. In this age of pseudoterminals and single-user systems...
>
> On Linux.
>
> I'm not exactly sure about this, but I think it might break the way the
> Hurd does a login. On the Hurd, you don't get a login prompt; rather,
> you get a login /shell/ which allows you to do some things without
> having been logged on; logging in then requires you to do 'login <user>'.
> It /might/ be the case that this requires /bin/login to be setuid root,
> but I'm not sure. Hurd developers (Cc'ed), care to shed some light here?

It does even *less* need to be setuid root: login may be run without
*any* identity: it gets uid from the passwd server in exchange for the
correct password for the uid. No need to be root for that.

Regards,
Samuel Thibault