Password Verification

Francois Normant fn at fractal.math.yale.edu
Sat Jun 29 07:15:16 AEST 1991 

In article <503 at fnnews.fnal.gov> shah at cdsun.fnal.gov (Hemant Shah) writes:
>
>In article <16390 at smoke.brl.mil>, somsky at brl.mil (William R. Somsky) writes:
>|> I'd like to put 'xlock' onto our systems, but I'm having difficulty 
>|> with the unlock user verification part.  What xlock normally does is ask
>|> for the user's password and compares this (via the appropriate encryption
>|> routines) with the entry found in /etc/passwd.  With the passwords stored
>|> in /etc/security/passwd, however, this fails.  Has anyone worked this out?
>|> Should I make xlock be suid root?  What would be needed to read the
>|> /etc/security/passwd file?  For getting the info out of /etc/passwd,
>|> there is some library routin (I forget the name just now) which reads
>|> the /etc/passwd file and extracts the relevant information.  Is there
>|> an appropriate function for the /etc/security/passwd file?  Does anyone
>|> have any suggestions?  (And yes, I've already dealt with Ctl-Alt-Backspace.)
>|> 
>|> ----------------------------------------------------------------------
>|>  I speak for no-one other than myself --- sometimes, not even that...
>|> ----------------------------------------------------------------------
>|> William R. Somsky					somsky at brl.mil
>
>
>When we proted xlock to our RS600 we had same problem. Our solution was to
>change the permission on the files, the /etc/security directory should look
>like :
>
>	drwxr-xr-x   4 root     security     512 May 01 18:03 security
>
>and the file permission in /etc/security should look like :
>
>	-rw-r--r--   1 root     security    2853 Jun 26 09:32 passwd
>
>
>-------------------------------------------------------------------------------
>Hemant Shah
>Fermilab  
>ACCESS/System Integration 
>                      
>                     
>E-mail :shah at fnal.fnal.gov
> Voice : (708) 840-8071	
>   Fax : (708) 840-2783
>-------------------------------------------------------------------------------

It would be much better to use the patch that was posted a few weeks ago or even
set xlock user-id to root (chmod 4555 xlock).

But please leave the permissions as they originally are on /etc/security
(drwxr-x---) and /etc/security/passwd (-rw-------).

If anybody can take a peak at /etc/security, explain me the utility of that 
directory ?

 
-- 
Francois Normant - fn at math.yale.edu
Yale University - Mathematics Department
Box 2155 - Yale Station
New Haven CT 06520

More information about the Comp.unix.aix mailing list