Date: Fri, 14 Jul 1995 00:48:28 +0200 (MET DST) From: roberto@blaise.ibp.fr (Ollivier Robert) To: cmetz@sundance.itd.nrl.navy.mil (Craig Metz) Cc: mjk@plaza.ds.adp.com, skey-users@thumper.bellcore.com, bugs@freebsd.org Subject: Re: OPIE and shadow passwords Message-ID: <199507132248.AAA17039@blaise.ibp.fr> In-Reply-To: <9507132052.aa19902@cs.nrl.navy.mil> from "Craig Metz" at Jul 13, 95 03:52:18 pm
next in thread | previous in thread | raw e-mail | index | archive | help
> Both of these use the 4.4BSD shadow password system, which will properly
> fill in the pwent pw_passwd field if the calling process has the appropriate
> (usually superuser) priveleges. In my opinion, if the FreeBSD team decided
> to break this behavior, they have done the wrong thing.
We haven't changed that. If you look at libc/gen/getpwent.c :
__init_db:
p = (geteuid()) ? _PATH_MP_DB : _PATH_SMP_DB;
_pw_db = dbopen(p, O_RDONLY, 0, DB_HASH, NULL);
_PATH_MP_DB is defined as /etc/pwd.db and _PATH_SMP_DB as /etc/spwd.db.
Same as 4.4BSD I guess.
> Are you sure that opielogin and opiesu are, in fact, receiving
> starred-out passwords, and that they are, in fact, running with appropriate
> priveleges? Assuming these are the case, then it looks like this is a
> FreeBSD "feature" that requires some kind FreeBSD user to send us the
> appropriate diffs. It would probably require implementation similar to
I don't think so. I don't know exactly where is the problem and I intend to
find out by compiling opie but I'm the author of a su-like package named
calife (to become root by entering one own password instead of root's one)
and I rely on 4.4BSD (in fact, it has been the same since 386BSD 0.0)
behaviour.
--
Ollivier ROBERT -=- The daemon is FREE! -=- roberto@FreeBSD.ORG
FreeBSD keltia 2.0-BUILT-19950503 #3: Wed May 3 19:53:04 MET DST 1995
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199507132248.AAA17039>