[Date Prev] [Date Index] [Date Next] [Thread Prev] [Thread Index] [Thread Next]

Re: running conserver as non-root?

Bryan Stansell bryan@conserver.com
Thu, 25 Oct 2001 14:55:47 -0700 (PDT)

Ooops...as a friend just reminded me, the other potential issue is
reading shadow password files.  If your system uses them and you use
'*passwd*' as the password entry in the conserver.passwd file, user
authentication will fail (since only root can read the shadow password
entries).  To get around this, just put the encrypted password in the
conserver.passwd file.  Some would say doing that decreases your
security (effectively no longer using shadow password files), but if
you're using the console client on another host, you have bigger
security concerns 'cause the passwords are going over the wire in the
clear.  So, take it all with a grain of salt.