Return to BSD News archive
Path: sserve!newshost.anu.edu.au!munnari.oz.au!constellation!paladin.american.edu!howland.reston.ans.net!cs.utexas.edu!geraldo.cc.utexas.edu!sylvester.cc.utexas.edu!not-for-mail From: vax@sylvester.cc.utexas.edu (Vax) Newsgroups: comp.os.386bsd.questions Subject: Re: secure dist/passwd Date: 18 Jan 1994 01:40:59 -0600 Organization: The University of Texas - Austin Lines: 18 Message-ID: <2hg3qb$nut@sylvester.cc.utexas.edu> References: <QhC4g6O00VBNEFf0gK@andrew.cmu.edu> NNTP-Posting-Host: sylvester.cc.utexas.edu In article <QhC4g6O00VBNEFf0gK@andrew.cmu.edu>, Timothy J Kniveton <tim+@CMU.EDU> wrote: >no users except myself and root (i think people in the root group) can >run passwd. since the permissions of passwd allow read + execute for >anyone, Um, I don't mean to sound simplistic, but have you checked that it's SUID root? You must, of course, be root to modify the password files. passwd, of course, should be rw-r--r-- and master.passwd rw------- Not sure about the write perms, you may not need them; doesn't hurt tho. /usr/bin/passwd should be r-sr-xr-x root bin Disclaimer: I'm not trying to sound pedantic; just ruling out the simple fix. -- Protect our endangered bandwidth - reply by email. NO BIG SIGS! VaX#n8 vax@ccwf.cc.utexas.edu - Don't blame me if the finger daemon is down