*BSD News Article 14076


Return to BSD News archive

Path: sserve!newshost.anu.edu.au!munnari.oz.au!news.Hawaii.Edu!ames!sun-barr!cs.utexas.edu!geraldo.cc.utexas.edu!geraldo.cc.utexas.edu!usenet
From: vax@ccwf.cc.utexas.edu (Vax)
Newsgroups: comp.os.386bsd.apps
Subject: passwd replacement posted earlier
Date: 6 Apr 1993 08:01:39 GMT
Organization: The University of Texas at Austin, Austin TX
Lines: 14
Message-ID: <1prdd3INNcgi@geraldo.cc.utexas.edu>
NNTP-Posting-Host: sylvester.cc.utexas.edu

Err.. when I posted my passwd replacement program earlier, I declined to
mention the correct way to install taintperl.  I believe you must
c-wrapperize the SUID passwd script.  Making taintperl SUID is very,
very bad and although tperl may one day avoid having to c-wrapperize
your scripts by making itself SUID root and then changing Effective
UID/GID to the script's perms, that is not an option and it will not do
that.  I was under the impressions that was what it did.  Anyway, I'm
glad I'm not an admin for a Real System :-)
Remember that a replacement passwd program such as the one I posted is
your first step toward tighter passwd security.  Beats trying to crack
all your user's passwords :-)
-- 
Protect our endangered bandwidth - reply by email.  NO BIG SIGS!
VaX#n8 vax@ccwf.cc.utexas.edu - finger for more info if you even care.