From owner-freebsd-isp  Fri Sep 15  3:17:41 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from verdi.nethelp.no (verdi.nethelp.no [158.36.41.162])
	by hub.freebsd.org (Postfix) with SMTP id 05BD637B422
	for <freebsd-isp@FreeBSD.ORG>; Fri, 15 Sep 2000 03:17:38 -0700 (PDT)
Received: (qmail 7415 invoked by uid 1001); 15 Sep 2000 10:17:35 +0000 (GMT)
To: andys@telinco.net
Cc: nbm@mithrandr.moria.org, mike@mikesweb.com,
	freebsd-isp@FreeBSD.ORG
Subject: Re: one more for ya..
From: sthaug@nethelp.no
In-Reply-To: Your message of "Fri, 15 Sep 2000 11:07:54 +0100 (BST)"
References: <Pine.BSF.4.10.10009151105460.45019-100000@internal.mail.telinco.net>
X-Mailer: Mew version 1.05+ on Emacs 19.34.2
Mime-Version: 1.0
Content-Type: Text/Plain; charset=us-ascii
Date: Fri, 15 Sep 2000 12:17:35 +0200
Message-ID: <7413.969013055@verdi.nethelp.no>
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

> > > -r-sr-xr-x    1 root   wheel     19556 Jul 30 00:49 /usr/bin/login
> > 
> > Not incredibly sure about this requirement.
> 
> Wouldn't this be needed to read the encrypted passwords from /etc/master.passwd?

/usr/bin/login *only* needs to be setuid root to allow a direct "login"
from one user to another. Under normal circumstances /usr/bin/login is
called from a program already running as root (e.g. telnetd) and thus
doesn't need to be setuid.

Steinar Haug, Nethelp consulting, sthaug@nethelp.no


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message