Date: Wed, 21 Jun 1995 12:24:03 -0700 (PDT) From: Poul-Henning Kamp <phk> To: freebsd-hackers@freebsd.org Cc: brian@beru.wustl.edu Subject: Re: PPP password security Message-ID: <199506211924.MAA12316@freefall.cdrom.com> In-Reply-To: <199506211715.TAA20917@uriah.heep.sax.de> from "J Wunsch" at Jun 21, 95 07:15:38 pm
next in thread | previous in thread | raw e-mail | index | archive | help
> Perhaps all those programs should refuse to work if they detect > insecure files containing the password (like the .rhosts and .netrc > permission checks). Yeah, that would be a worthwhile addition to libutil or somewhere: int cantrustfile(char *filename) recurses through all directories and verifies their permissions. for root: returns 1 if only root can modify this file. for other users: returns 1 if only the user or root can modify this file. else return 0 -- Poul-Henning Kamp | phk@FreeBSD.ORG FreeBSD Core-team. http://www.freebsd.org/~phk | phk@login.dknet.dk Private mailbox. whois: [PHK] | phk@ref.tfs.com TRW Financial Systems, Inc. Just that: dried leaves in boiling water ?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199506211924.MAA12316>