[2304] in linux-security and linux-alert archive
[linux-security] problem with shadow suit in RH5.2 ??
daemon@ATHENA.MIT.EDU (Brett Harrison)
Fri Feb 11 09:15:31 2000
Date: Sat, 29 Jan 2000 16:52:49 -0600
Message-Id: <2.2.16.20000129163452.cf47e2d4@mail.usmo.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
To: linux-security@redhat.com
From: Brett Harrison <bh@usmo.com>
Resent-From: linux-security@redhat.com
I am by no means an expert along these lines, but should the
following small program lock out (for 60 seconds) elements of the shadow
suit such as chsh ??
------------------------
#include <stdlib.h>
#include <shadow.h>
void main() {
if(lckpwdf()) {
printf("Failed to get password locks\n");
exit(0);
}
printf("password files locked\n");
sleep(60);
ulckpwdf();
printf("password files unlocked\n");
exit(0);
}
------------------------
Yet the following sequence of events leads me to believe that the
functions lckpwdf() and ulckpwdf() are not being used with the support
programs that are in the shadow suit itself.
------------------------
[root@taylor testsrc]# ./testing &
[1] 29067
[root@taylor testsrc]# password files locked
[root@taylor testsrc]# chsh bh3
Changing shell for bh.
New shell [/bin/bash]: /bin/noshell
Shell changed.
[root@taylor testsrc]# password files unlocked
[1]+ Done ./testing
[root@taylor testsrc]#
------------------------
TIA for any pointers...
--
__ __________ _______
/ / / / ___/ \/ \__ / Brett Harrison - bh@usmo.com
/ / / /\ \ / /\_/\ \/ / InterNET Solutions, L.L.C.
/ /_/ /__\ \/ / / /\ \/ A OneMain.com company
/_____/______\/ /____\_\ http://www.usmo.com
--
----------------------------------------------------------------------
Please refer to the information about this list as well as general
information about Linux security at http://www.aoy.com/Linux/Security.
----------------------------------------------------------------------
To unsubscribe:
mail -s unsubscribe linux-security-request@redhat.com < /dev/null
