From owner-freebsd-hackers  Wed May 15 06:26:47 1996
Return-Path: owner-hackers
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.3/8.7.3) id GAA17043
          for hackers-outgoing; Wed, 15 May 1996 06:26:47 -0700 (PDT)
Received: from plains.nodak.edu (tinguely@plains.NoDak.edu [134.129.111.64])
          by freefall.freebsd.org (8.7.3/8.7.3) with ESMTP id GAA17037
          for <freebsd-hackers@freefall.freebsd.org>; Wed, 15 May 1996 06:26:44 -0700 (PDT)
Received: (from tinguely@localhost) by plains.nodak.edu (8.7.1/8.7.1) id IAA23557; Wed, 15 May 1996 08:26:33 -0500 (CDT)
Date: Wed, 15 May 1996 08:26:33 -0500 (CDT)
From: Mark Tinguely <tinguely@plains.nodak.edu>
Message-Id: <199605151326.IAA23557@plains.nodak.edu>
To: freebsd-hackers@freefall.freebsd.org, kuku@gilberto.physik.rwth-aachen.de
Subject: Re: yppasswdd permissions/ownership
Sender: owner-hackers@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

>  We want to allow our NIS users on the clients to set their yp passwords.
>  Since /etc/master.passwd is rw------- root wheel and yppasswdd runs
>  as bin bin it seems to me impossible to change the master password database.
>  
>  Shouldn't yppasswdd better be run as 4755 root bin ? Or is this
>  a potential security hole?

yppasswdd is a daemon that runs as root. ypasswdd is started from /etc/rc
 because your /etc/sysconfig has the line:

yppasswddflags="-m /etc/master.passwd -s -f"

--mark.