VB: become_root remove patches (head)
Matthias Wächter
matthias at waechter.wol.at
Wed Aug 18 23:11:11 GMT 1999
On Thu, 19 Aug 1999, Stephen Langasek wrote:
> Also, Unix traditionally requires the user to be able to prove he knows the
> old password before allowing a password change. Compromising user accounts
> becomes a lot easier if any process running with the user's permissions can
> modify the smb password entry.
So ... why not split this part from smbd to a program running suid 0 like
/bin/passwd? Same problem, same solution, isn't it?
Sehr Wus,
- Matthias
--
Verkauft für 339,88 Dollar!
- aus: Groundhog Day (Und täglich grüßt das Murmeltier)
-----------------------------------------------------------------------------
More information about the samba-technical
mailing list