Subject: Re: BSD Authentication
To: David Laight <david@l8s.co.uk>
From: Noriyuki Soda <soda@sra.co.jp>
List: current-users
Date: 09/09/2003 04:16:00
> Look at 5th field of /etc/inetd.conf, please.
> How do you implement the feature without having root privilege in inetd?
Also, please look at the following lines /etc/inetd.conf on OpenBSD
which use BSD auth instead of PAM.
#ftp stream tcp nowait root /usr/libexec/ftpd ftpd -US
#telnet stream tcp nowait root /usr/libexec/telnetd telnetd -k
#shell stream tcp nowait root /usr/libexec/rshd rshd -L
#shell stream tcp6 nowait root /usr/libexec/rshd rshd -L
As you see, these daemons need root privilege even with BSD auth,
because they need to call setuid(pwd->pw_uid) and initgroups(3).
--
soda