From: pmacdona@sanjuan (Peter MacDonald) Subject: Re: Weird group problems under .99.3 Date: Thu, 14 Jan 1993 03:36:58 GMT
In article <1993Jan14.021159.19619@colorado.edu> drew@hamlet.cs.colorado.edu (Drew Eckhardt) writes:
>In article <1993Jan14.011414.15521@mintaka.lcs.mit.edu> wyvern@gnu.ai.mit.edu (The Wyvern) writes:
>>I'm experiencing some problems with group permissions after having upgraded
>>to kernel version 0.99.3. I usually login via xdm, so I didn't notice this
>>at first, but when I telnet to my own system and log in, I'm unable to
>>perform certain actions which hinge on group privileges.
>>
>>Unfortunately I don't remember if this was happening under 0.99.2.
>>I also don't know if this is a problem with login (from shadow pw package)
>
>It is. The shadow password package does not support BSD suplemental groups -
>you have one active group at a time. You start off being in the group
>specified in your /etc/passwd entry, but can chgrp to anything in /etc/group.
>
>Either fix the sources to the shadow password package, or use the poeigl
>package that has a BSD-suplemental group supporting login.
>
>If I were you, and were concerned about security, I'd switch back to
>a normal password file, install npasswd (Using something like /usr/dict/words
>as the dictionary), and run crack on the pasword file to catch current
>users with crackable passwords.
The problem is, there is no such thing as uncrackable passwords. Not when
you can get the encrypted strings. And especially not when you have access
to the crypt() source code.
The solution to this problem is to add supplemental groups to shadow. I will
take a look at it.
>
>--
>IMHO on shadow passwords :
>
>If you force your users to choose "uncrackable" passwords (ie, mixed case,
>digits and non-alphas thrown in) through the use of a program like npasswd,
>for all practical purposes you can have the same level of security that you
>have with a shadow password file and users having free reign over their
>passwords.
>
>Since you must be root to find out the encrypted passwords, programs like
>xlock have to be suid (opening up security holes), or they just plain
>break.
>
>So, you sacrifice compatability and convienience for nothing if you use
>shadow passwords.
Actually, these programs are now setgid shadow, and /etc/shadow is readable
by group shadow. Changing the uid is just to much hassle, and introduces
to many problems.
I still think shadow passwd is the way to go. And so do most of the
big Unix vendors (not that that sways me). So SLS will continue to
use them.
Peter.