Problems with authorization and /etc/shadow

Andreas Gredler andreas.gredler at g-tec.co.at
Sat Jun 1 03:49:56 UTC 2002


Hello,

I realized strange behaviour of my innserver (2.2.3): When I make
/etc/shadow world-readable I can use /etc/shadow to do the
authorization. Because of this maximum security risk this is not a good
solution, so I tried to change back to my default permissions for
/etc/shadow (-rw-r-------   root   shadow) and added user news to the
shadow group. Unfortunately this did not work. Can anyone explain this ?

After trying different things I stopped innd and started only nnrpd,
only with -D flag. This works fine, also when user news is not part of
shadow-group. So why doesn´t it work when nnrpd is called from innd ?

Finally, as i tried to run innd as user root I was just wondering that
ist was again started as user news ? (starting with rc.news).
Now I was completely confused and hope someone can give me some hints
what´s going on.

best regards Andreas Gredler


More information about the inn-workers mailing list