Date: Wed, 24 Jul 2002 23:09:40 -0400 From: "Brian T. Schellenberger" <bts@babbleon.org> To: Pawel Jakub Dawidek <nick@garage.freebsd.pl>, freebsd-hackers@freebsd.org Subject: Re: What for we need set-uid-root on passwd/chpass/etc.?:) Message-ID: <200207242309.40824.bts@babbleon.org> In-Reply-To: <20020724171152.GA91362@garage.freebsd.pl> References: <20020724171152.GA91362@garage.freebsd.pl>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wednesday 24 July 2002 01:11 pm, Pawel Jakub Dawidek wrote:
| Hello there...
| And pwd_parser is one, little set-uid-root for all of those applications.
| This is something like brigde between (now set-gid on "passwd" group)
| passwd/chpass/etc. and pwd_mkdb(8).
:
| I know that passwd/chpass are safe (no security holes for long time or
| never), but what You think about this solution?
It's innovative, and innovations are always to be carefully pondered where
security it concerned, but it seems logical to me to centralize as many
security functions into one place where it can be very carefully scrutinized.
That way if there is a bug it only has to be fixed once and all the clients
are automatically fixed.
General softward engineering principle to avoid duplication of effort and
therefore duplication of maintenance.
--
Brian, the man from Babble-On . . . . bts@babbleon.org (personal)
http://www.babbleon.org
http://www.eff.org http://www.programming-freedom.org
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200207242309.40824.bts>