tcb - the alternative to shadow
Chris Ricker
kaboom at oobleck.net
Thu Aug 24 15:33:13 UTC 2006
On Thu, 24 Aug 2006, Ralf Ertzinger wrote:
> Hi.
>
> On Thu, 24 Aug 2006 11:04:26 -0400, Neal Becker wrote:
>
> > http://www.openwall.com/presentations/Owl/mgp00020.html
>
> Hmmm. What is the advantage of this scheme? The first disadvantage
> that springs to my mind is that any attacker that gains user privileges
> (browser bug or whatever) can suddenly change the user password.
The advantages are that passwd, etc become sgid instead of suid, and that
non-root users can only attack themselves through any passwd flaws....
later,
chris
More information about the fedora-devel-list
mailing list