Hash: SHA1

>>>>> "Ethan" == Ethan Benson <[EMAIL PROTECTED]> writes:

Ethan> echo 'eb::0:0:Ethan Benson:/home/eb:/bin/bash' > /etc/passwd.d/eb

Ethan> login wheeeee r00t!

Hmm.  Forgot about that.  I guess that would be a bit of a security
hole. :-(

Ethan> it would be a nightmare to administer.

I don't think so.  Does the administrator need to really do much with
the password database, once a user gets set up?  If you want to audit
the database, you can always just do "cat /etc/passwd.d/* | less".
And the administrative programs (usermod, chsh, etc.) shouldn't be too
hard to modify.  Is there anything else that you would want to do?

Well, obviously my proposed scheme wouldn't work (because of the
previously mentioned exploit), but the motivation behind the scheme was
to reduce the number of SUID programs (because if you don't need it to
be SUID, you're safer without it being SUID).  Is there any (sane) way
of making it so that programs such as passwd, chsh, etc. don't need to
be SUID?

- -- 
Hubert Chan <[EMAIL PROTECTED]> - http://www.geocities.com/hubertchan/
PGP/GnuPG key: 1024D/71FDA37F
Fingerprint: 6CC5 822D 2E55 494C 81DD  6F2C 6518 54DF 71FD A37F
Key available at wwwkeys.pgp.net.   Please encrypt *all* e-mail to me.
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org


Reply via email to