Problems with authorization and /etc/shadow

Jeffrey M. Vinocur jeff at litech.org
Mon Jun 3 00:21:44 UTC 2002


On 1 Jun 2002, Andreas Gredler wrote:

> I realized strange behaviour of my innserver (2.2.3): When I make
> /etc/shadow world-readable I can use /etc/shadow to do the
> authorization. Because of this maximum security risk this is not a good
> solution, so I tried to change back to my default permissions for
> /etc/shadow (-rw-r-------   root   shadow) and added user news to the
> shadow group. Unfortunately this did not work. Can anyone explain this ?

Did you shut down INN and start it up again?  Changes to unix group 
membership generally do not take effect until the next login.


> Finally, as i tried to run innd as user root I was just wondering that
> ist was again started as user news ? (starting with rc.news).

Yes, INN needs to start as root to bind to port 119 (which is why 
inndstart is SUID root), but then becomes the news user as soon as 
possible.


-- 
Jeffrey M. Vinocur
jeff at litech.org



More information about the inn-workers mailing list