Return to BSD News archive
Path: sserve!newshost.anu.edu.au!munnari.oz.au!news.Hawaii.Edu!ames!sun-barr!cs.utexas.edu!geraldo.cc.utexas.edu!geraldo.cc.utexas.edu!usenet From: vax@ccwf.cc.utexas.edu (Vax) Newsgroups: comp.os.386bsd.apps Subject: passwd replacement posted earlier Date: 6 Apr 1993 08:01:39 GMT Organization: The University of Texas at Austin, Austin TX Lines: 14 Message-ID: <1prdd3INNcgi@geraldo.cc.utexas.edu> NNTP-Posting-Host: sylvester.cc.utexas.edu Err.. when I posted my passwd replacement program earlier, I declined to mention the correct way to install taintperl. I believe you must c-wrapperize the SUID passwd script. Making taintperl SUID is very, very bad and although tperl may one day avoid having to c-wrapperize your scripts by making itself SUID root and then changing Effective UID/GID to the script's perms, that is not an option and it will not do that. I was under the impressions that was what it did. Anyway, I'm glad I'm not an admin for a Real System :-) Remember that a replacement passwd program such as the one I posted is your first step toward tighter passwd security. Beats trying to crack all your user's passwords :-) -- Protect our endangered bandwidth - reply by email. NO BIG SIGS! VaX#n8 vax@ccwf.cc.utexas.edu - finger for more info if you even care.