Re: securityhole /proc/sys/kernel/domainname

Ulrich Windl (Ulrich.Windl@rz.uni-regensburg.de)
Wed, 21 Feb 1996 08:47:32 +0100

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Ulrich Windl: "Re: Proposal: Linux "hit-list""
Previous message: Mark Hahn: "Re: Unsure wheter 1.3.66 is the sourse for those problems"
Maybe in reply to: Christoph Lameter: "securityhole /proc/sys/kernel/domainname"

On 20 Feb 96 at 6:33, Christoph Lameter wrote:

>
>
> On Tue, 20 Feb 1996, Swen Thuemmler wrote:
>
> > On 19 Feb 1996, Christoph Lameter wrote:
> >
[..]
> How about requiring root priviledges for getpwent()?
>
> But then passwd needs to run with root priviledges.

Before this discussion gets to trivial: If you send mail, your user
agent (e.g. elm, pine, etc) looks up your full name via getpwent().
Normal users still want to send mail.

Secondly don't NIS clients broadcast the domainname when searching a
server? Any PC with a packet sniffer can display those packets. A
domainname is a password in very much the same manner as a hostname
or an IP address, that is none at all.

Ulrich

Next message: Ulrich Windl: "Re: Proposal: Linux "hit-list""
Previous message: Mark Hahn: "Re: Unsure wheter 1.3.66 is the sourse for those problems"
Maybe in reply to: Christoph Lameter: "securityhole /proc/sys/kernel/domainname"