httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Chuck Murcko <ch...@telebase.com>
Subject Re: chroot and spwd.db (fwd)
Date Wed, 10 Jan 1996 17:00:54 GMT
I was under the impression that, when running chrooted, you DO NOT use
the real passwd database files for the new environment, but just some
made up ones with the bare essentials that don't match the passwords in
the real ones. That's how I run all the services here that require
chrooting. I'd make that point before saying that:

Irix 5.x can be configured to use shadow passwords, but doesn't as shipped.
Same with Linux, last I looked.
BSD 4.4s don't keep the passwords in /etc/passwd, either - these include
BSDI, FreeBSD, and NetBSD.

Andrew Wilson liltingly intones:
> 
> Ack sent.  How many of us use shadow passwords.  Solaris people
> certainly.  Anyone else?
> 
> Ay.
> 
> Forwarded message:
> > From isdmill@state.me.us  Fri Jan  5 06:36:21 1996
> > Message-Id: <199601051429.JAA10574@gatekeeper.ddp.state.me.us>
> > Date: Fri, 05 Jan 96 09:45:35 -0500
> > Sender: david@state.me.us
> > From: David Miller <isdmill@state.me.us>
> > X-Mailer: Mozilla 1.1N (X11; I; BSD/OS 2.0 i386)
> > MIME-Version: 1.0
> > To: apache-bugs@apache.org
> > Subject: chroot and spwd.db
> > X-URL: http://www.apache.org/bug_report
> > Content-Transfer-Encoding: 7bit
> > Content-Type: text/plain; charset=us-ascii
> > 
> > When configuring apache to run chrooted, it would be very nice indeed
> > if apache were to check for it's user/group ID's in the pwd.db database,
> > rather than the spwd.db database.
> > 
> > The difference, of course, is that some encrypted passwords are stored in the
> > spwd.db file and it's quite a pain to have to extract the relevent ID(s) from 
> > the master.passwd, then nolog them in a workfile, then run mk_pwdb on it in
> > order to make the passwords useless.  Be much nicer if apache looked for a
> > file without the encrypte passwords like ftpd.
> > 
> > As a desired added feature, it would be really nice to be able to specify
> > a chroot directory in the httpd.conf file:)
> > 
> > Thanks for doing a terrific job on a wonderful server!
> > 
> > 
> > Sincerely,
> > 
> > David Miller
> > 
> > 
> > 
> 
> 

chuck
Chuck Murcko	Telebase Systems, Inc.	Wayne PA	chuck@telebase.com
And now, on a lighter note:
First Law of Bicycling:
	No matter which way you ride, it's uphill and against the
wind.

Mime
View raw message