Hi !
The moment I start using /etc/passwd, it'll start giving users access to
POP / telnet / FTP facilities on the server.
And extra smart people would try hacking and stuff !!!
I hope I'm right in what I'm saying.
Kay Pee
On Thu, 1 Jul 1999, Steven Fletcher wrote:
> On Thu, 1 Jul 1999 18:42:58 +0530 (IST), you wrote:
>
> >I am using /etc/password to authenticate users on my system.
> >
> >This is a major security risk.
>
> Why? /etc/master.password and the spwd.db are the ones that need worrying about, and they can't be read by normal users anyway.
>
> Please explain why it's a security risk in your opinion. Otherwise, try the Kerberos/YP domain auth systems instead.
>
> -flec
> flec@flec.co.uk
>
>
> Steven Fletcher - steven@shellnet.co.uk / flec@flec.co.uk
> Shellnet - http://www.shellnet.com
>
Received on Sat Jul 03 1999 - 00:26:58 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:47:17 MST