Subject: Re: confused on getpwnam behaviour
To: None <current-users@sun-lamp.cs.berkeley.edu, michaelv@iastate.edu>
From: None <mycroft@gnu.ai.mit.edu>
List: current-users
Date: 04/12/1994 17:36:57
If this is the way it has always been, how does a user program
validate the user's password?
This is the way it is on all systems I've used with shadow passwords.
Since the shadow file is only readable by root (anything else would
defeat the entire point), only processes with an effective uid of 0 can
get to the real passwords.
On such systems, things like `xlock' need to be setuid root.
------------------------------------------------------------------------------