Problems with authorization and /etc/shadow

Andreas Gredler andreas.gredler at g-tec.co.at
Mon Jun 3 15:23:55 UTC 2002


In article <Pine.LNX.4.44.0206022019570.2821-100000 at puck.litech.org>, "Jeffrey M. Vinocur" wrote:
> On 1 Jun 2002, Andreas Gredler wrote:
> 
>> I realized strange behaviour of my innserver (2.2.3): When I make
>> /etc/shadow world-readable I can use /etc/shadow to do the
>> authorization. Because of this maximum security risk this is not a good
>> solution, so I tried to change back to my default permissions for
>> /etc/shadow (-rw-r-------   root   shadow) and added user news to the
>> shadow group. Unfortunately this did not work. Can anyone explain this ?
> 
> Did you shut down INN and start it up again?  Changes to unix group 
> membership generally do not take effect until the next login.
> 

Yes, I also verified it by logging in as user news and executing the
"groups" command.
 
>> Finally, as i tried to run innd as user root I was just wondering that
>> ist was again started as user news ? (starting with rc.news).
> 
> Yes, INN needs to start as root to bind to port 119 (which is why 
> inndstart is SUID root), but then becomes the news user as soon as 
> possible.
> 
In this case it doesn´t seem to be required to start is as user news,
as always suggested in README-files and HowTos, right ?
 
best regards Andreas Gredler


More information about the inn-workers mailing list