Re: gdm: shadow unfriendly



Martin Kasper Petersen wrote:
> >> 1. In order to support shadow passwords, I have to change gdm.conf
> >>    to read nobodyuser=root, as only root can access the /etc/shadow
> >>    file, even via pam.
> 
> And the greeter program which makes use of more library calls runs as
> nobody for security reasons.
> 

Yes, I agree with the concept, but unfortunately, you can't access
/etc/shadow as nobody, without some help from setuid. Even with pam.

Dave


