Subject: Re: [netatalk-admins] Re: Feature Suggestion: AFP/TCP running as user, not root
From: Aaron Gowatch (aarong@wired.com)
Date: Fri Nov 14 1997 - 16:59:58 EST
On Fri, 14 Nov 1997, a sun wrote:
> if the server is using shadow passwords, there's always ~/.passwd and
> using the 2-way randnum uam.
Wont this essentially revoke any privileges the user would have under
normal circumstances? If not, though I believe it will, it would
constitute a very serious security hole. What would stop a user from
creating a passwd file that has a root entry with say, no passwd, then
using that passwd file to authenticate himself as root? Short of
rewriting getpwnam(), setuid(), setgid() and friends, I dont think it can
be done.
Aa.
This archive was generated by hypermail 2b28 : Sat Dec 18 1999 - 16:28:08 EST