Problems with authorization and /etc/shadow
Jeffrey M. Vinocur
jeff at litech.org
Mon Jun 3 00:21:44 UTC 2002
On 1 Jun 2002, Andreas Gredler wrote:
> I realized strange behaviour of my innserver (2.2.3): When I make
> /etc/shadow world-readable I can use /etc/shadow to do the
> authorization. Because of this maximum security risk this is not a good
> solution, so I tried to change back to my default permissions for
> /etc/shadow (-rw-r------- root shadow) and added user news to the
> shadow group. Unfortunately this did not work. Can anyone explain this ?
Did you shut down INN and start it up again? Changes to unix group
membership generally do not take effect until the next login.
> Finally, as i tried to run innd as user root I was just wondering that
> ist was again started as user news ? (starting with rc.news).
Yes, INN needs to start as root to bind to port 119 (which is why
inndstart is SUID root), but then becomes the news user as soon as
possible.
--
Jeffrey M. Vinocur
jeff at litech.org
More information about the inn-workers
mailing list