[3093] in bugtraq
Re: /etc/shells (was Re: procmail)
daemon@ATHENA.MIT.EDU (Sam Quigley)
Thu Aug 8 17:35:39 1996
Date: Thu, 8 Aug 1996 14:12:02 -0700
Reply-To: Bugtraq List <BUGTRAQ@netspace.org>
From: Sam Quigley <poodge@econ.Berkeley.EDU>
X-To: Eugene Bradley <ebradley@andromeda.rutgers.edu>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@netspace.org>
In-Reply-To: <9608081353.ZM5195@andromeda.rutgers.edu>
On Thu, 8 Aug 1996, Eugene Bradley wrote:
[...]
>
> I kinda like der Mouse's latter idea. In fact, here are some ideas
> for the flags that can be used in a passwd database that root can
> edit in as necessary. I don't know if some UNIX OSes support this
> feature currently in the form of kernel flags; this is an idea I have
> off the top of my head.
>
> Flag Attribute
> - ---- ---------
[...]
As far as I know, this has not been implemented -- but I think it would
be useful. The key to implementing a system like this is the system's
extensibility -- the system needs to be easily extended to fill unseen
future needs, etc.
Clearly, these data can't be held in /etc/passwd -- the format of passwd
is set, and can't really be changed at this point. The shadow password
system already has a bunch of extra fields in /etc/shadow that set things
like password aging, but we can't really muck around with shadow for the
same reasons we can't muck around with passwd. But shadow proves that a
parallel dbase can work.
As I see it, to create a system like this, we need a new adduser script;
other than this, each program that is to be enabled or disabled (chsh,
procmail, etc.) needs modification.
Anyway. Assuming that there is not already a system like this in place,
I'd like to volunteer to draft a standard and proof-of-concept set of
tools. But I'd like to make sure this would actually be useful to people
other than me: would it?
(other volunteers would be good too...)
-sq
