[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Nss-mysql-users] nss-mysql-root.conf
|
From: |
Jelmer Vernooij |
|
Subject: |
Re: [Nss-mysql-users] nss-mysql-root.conf |
|
Date: |
Wed, 19 Jun 2002 17:01:29 +0200 |
|
User-agent: |
Mutt/1.3.17i |
> > > No you do not. I have set up nss-mysql here and I've got vsftpd
> > > authenticating via the usual pam_unix module without any problems
> > > whatsoever - same for every other service I have running here.
>
> > Wouldn't it be very insecure to do so - since using pam_unix would make
> > it necessary to include the password of the user (althought encrypted) in
> > the global nss directory - for which every user can write programs.
>
> How do you think a user can gain access if they have no access permissions
> on the database themselves?
>
> The only thing a user can do is to query it via getpwent() which is the
> same access they had previously when using /etc/passwd.
In which case the (encrypted) passwords would be in /etc/shadow; data that
was not available to the user via getpwent() then !
Jelmer
- [Nss-mysql-users] Problems building, Chris Snyder, 2002/06/06
- Re: [Nss-mysql-users] Problems building, Guillaume Morin, 2002/06/06
- Re: [Nss-mysql-users] Problems building, Chris Snyder, 2002/06/06
- Re: [Nss-mysql-users] Problems building, Guillaume Morin, 2002/06/06
- [Nss-mysql-users] nss-mysql-root.conf, Nick De Decker, 2002/06/19
- Re: [Nss-mysql-users] nss-mysql-root.conf, Jason Clifford, 2002/06/19
- Re: [Nss-mysql-users] nss-mysql-root.conf, Jelmer Vernooij, 2002/06/19
- Re: [Nss-mysql-users] nss-mysql-root.conf, Jason Clifford, 2002/06/19
- Re: [Nss-mysql-users] nss-mysql-root.conf,
Jelmer Vernooij <=
- Re: [Nss-mysql-users] nss-mysql-root.conf, Jason Clifford, 2002/06/19