Combining passwd programs

Tavis Barr tavis at
Thu Jun 18 22:52:46 GMT 1998

A couple of us have been talking about writing a passwd binary that would 
basically take the smbpasswd.c program and add a routine to change the 
Unix password right after the one that changes the smbpasswd file.  

The only trouble is, in order to change the Unix password, as far as I know 
the program has to be run setuid root.  I remember that smbpasswd was 
changed recently so that it didn't have to be run this way (in fact it 
couldn't but that's easy enough to comment out of the code).  My question 
for ye wise ones: Are there any particular security holes created by running 
the smb password-changing routine as setuid root that aren't created by 
running other programs (e.g., Unix passwd) as setuid root?

Thanks for your help,

More information about the samba-ntdom mailing list