Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.anu.edu.au!harbinger.cc.monash.edu.au!simtel!lll-winken.llnl.gov!uop!pacbell.com!nntp-hub2.barrnet.net!news1.digital.com!vixie!nnrp!vixie From: vixie@wisdom.home.vix.com (Paul A Vixie) Newsgroups: comp.unix.bsd.misc,comp.unix.bsd.bsdi.misc Subject: Re: Circumventing immutable file protections Date: 12 Aug 1995 05:26:31 GMT Organization: Vixie Enterprises Lines: 22 Message-ID: <VIXIE.95Aug11222631@wisdom.home.vix.com> References: <DCvE8s.15A@candle.pha.pa.us> <4095br$3tj@kragar.kei.com> <409qef$t3n@Germany.EU.net> <DD4v3C.I6K@wlbr.iipo.gtegsc.com> <40h0on$5k6@park.uvsc.edu> NNTP-Posting-Host: wisdom.home.vix.com In-reply-to: Terry Lambert's message of 12 Aug 1995 01:39:35 GMT Xref: euryale.cc.adfa.oz.au comp.unix.bsd.misc:166 comp.unix.bsd.bsdi.misc:632 > NIS. > > The password change is on the NIS server, not on the local machine, > which allows you to cookie-cutter configurations for the local > machine (which is the point in the first place). I don't use NIS, perhaps if we integrated Hesiod we could solve the same problem in a better way. But since most /etc/master.passwd files on ISP's are into the multiple-megabyte range, and the corresponding pwd.db and spwd.db are even bigger, I've got to assume that I'm not the only one who keeps the passwd stuff on /var and uses symlinks from /etc to get to it? Note that you need a /var on your root partition to make this work, since you have to have a template passwd file whenever you're running single user. When you go multi-user you get the real passwd files. Yes, this means we can't benefit from immutability on the passwd files, but the files folks wanted to protect were /etc/rc and /etc/rc.local, anyway. -- Paul Vixie La Honda, CA "Illegitimi non carborundum." <paul@vix.com> pacbell!vixie!paul (dont let the bastards grind you down)