[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: bunch of questions: pam_unix implementation... (long)



Answering to my own post... :)
Thorsten answered on most questions here.

"Michael Ju. Tokarev" wrote:
> 
[]
>                                  (BTW, is nis that useful for storing
> passwords so that even this compatibility should be concerned?  It is
> very insecure for this purpose, at least with current linux
> implementation --
> passwords (well, shadow entries in crypted form) are walked in
> network...)

Forget about this.  It is nis+, not nis. 

[]
> currently does!  BTW, maybe this should be a nis client implementation
> issue -- to deal with uids -- not the pam_unix (pam_nis) one?
> Can we simple remove that setreuid() fragments from pam_unix??
> And let the library to set/reset uids if available/needed?
> If so, the only thing that pam_unix should know about value of pw_passwd
> field is if shadow entry present (or should be) or not (i.e. if it's
> value
> is "x" or not)...
> Can Steve comment on this please?

And this also.  It was nis+, not nis.
And this was ok -- nis+ requires that you have your own uid to see your
password. 

Regards,
  Michael.





[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []