Stop Microsoft
Operating Systems => Linux and UNIX => Topic started by: TheQuirk on 18 January 2003, 02:30
-
If /etc/shadow can only be viewed by root, doesn't "login" have to run as root (for a period of time, anyway) as well? Isn't this a bit unsafe? Am I right about the fact that it runs as root?
-
"init" spawns "getty" which in turn spawns "login" which in turn spawns the user's shell. The init/getty/login indeed run as root in order to perform the password authentication. The shell itself obviously runs under the privileges of the user who has logged in.
It's a lot more secure than letting all users have access to the encrypted password file but there really isn't any other way I can think of that would be better. If you can, then it surely would get implemented if you brought it up. Most Linux/UNIX systems work this way.
[ January 17, 2003: Message edited by: void main ]
-
Couldn't you run it as "nobody"?
-
If the ttys and some other things were owned by nobody. Maybe Hurd has something to correct this, or SELinux, with its mandatory access lists.
-
You could not run it as nobody. It doesn't get run until you type in your id and passwd. If login determines that your id/passwd is valid it spawns a shell with your user privileges and then exits. It has to run as root because no other user has the authority, for one, to read /etc/shadow, but more importantly to invoke a user shell under the privileges of any other user. Even NT/2k etc. work similarly. I don't understand the concern.
[ January 17, 2003: Message edited by: void main ]
-
That's almost what I was trying to say, that to set it to something else, you would have to make it totally insecure to do it that way.
-
I don't have a concern. Just thinking.
BTW, when I meant "running it as nobody", I meant allowing "nobody" to have access to /etc/shadow... Of course, then other things that use "nobody" would have access as well, so I guess it's a bad idea.
[ January 18, 2003: Message edited by: TheQuirk ]
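
Added example, not part of the original thread: a simplified C model of the classic Unix owner/group/other read check, showing why only a root process such as login can read a root-only /etc/shadow, and what re-owning the file to "nobody" would expose. The struct cred type, may_read() and the uid/gid numbers are assumptions made for illustration; ACLs, capabilities and SELinux policy are ignored.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <sys/stat.h>
#include <sys/types.h>

/* Hypothetical model of a process identity: effective uid/gid plus
 * supplementary groups. Not a kernel structure. */
struct cred { uid_t uid; gid_t gid; const gid_t *groups; size_t ngroups; };

static bool in_group(const struct cred *c, gid_t g) {
    if (c->gid == g) return true;
    for (size_t i = 0; i < c->ngroups; i++)
        if (c->groups[i] == g) return true;
    return false;
}

/* Classic Unix read check: exactly one permission class applies, chosen in
 * the order owner, group, other. uid 0 bypasses the mode bits (simplified). */
bool may_read(const struct cred *c, uid_t owner, gid_t group, mode_t mode) {
    if (c->uid == 0) return true;
    if (c->uid == owner) return (mode & S_IRUSR) != 0;
    if (in_group(c, group)) return (mode & S_IRGRP) != 0;
    return (mode & S_IROTH) != 0;
}

/* Constructed sample identities; the numeric ids are illustrative. */
static const struct cred LOGIN  = {0, 0, NULL, 0};          /* login, started as root */
static const struct cred USER   = {1000, 1000, NULL, 0};    /* an ordinary account */
static const struct cred NOBODY = {65534, 65534, NULL, 0};  /* anything run as nobody */

static void report(const char *layout, uid_t owner, gid_t group, mode_t mode) {
    printf("%-22s login=%d user=%d nobody=%d\n", layout,
           may_read(&LOGIN, owner, group, mode),
           may_read(&USER, owner, group, mode),
           may_read(&NOBODY, owner, group, mode));
}

int main(void) {
    /* Root-only shadow file, as described in the thread. */
    report("root:root 0600", 0, 0, 0600);
    /* The idea from the last post: hand the file to "nobody". */
    report("nobody:nobody 0600", 65534, 65534, 0600);
    return 0;
}
```

Every process that runs as nobody shares the same identity, so in the second layout each of them passes the owner check and can read the password hashes.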