rash & passwd
Geert Jan de Groot
Tue May 3 00:09:17 CEST 1994
On Mon, 2 May 1994 16:10:45 -0400 Andrew Adams wrote:
> Hi. I was wondering if you guys had perhaps responded to dsj's question
> of last week concerning rash and passwd and I just didn't see it. We were
> wondering how you handle letting users set their own passwds with a
> chrooted shell. (The problem being that even if you give them their own
> copy of passwd under the "new" root, the _real_ /etc/passwd file can't
> be updated and thus telnet can't make use of the new passwd.)
>
> Did you guys write your own copy of passwd?

That one is on my plate. I didn't have time to look at it yet (and I'm on vacation now...). At this time, the password is not settable by a rash user; they send in a UNIX-encrypted password or get a (random word) password assigned.

Password is a dangerous program, both because it changes behaviour depending on argv[0] and command line arguments, and because it currently runs as root. I intend to make a second password-file (owned by a pseudo-user), from which *only* the password-entry is copied to the Master Password file (say, once a day). The rest of the entries (e.g. the dangerous shell field) are kept in another file OUTSIDE the rash environment.

Please note that rash is still pretty dangerous; write a perl script in your guardian file, execute it, and put the 'real' guardian file back. We have not made this public.. I *don't* want a setuid root program in there if I can avoid it. Second, the guardian box is not integrated with the rest of the network, thus if it's broken, it doesn't mean the end of your network.

I intend to work on the merge thing next week. Is this sufficient?

Geert Jan

>
> (Dale's on vacation until Wednesday so we can't ask him if he got a reply. :- ) )
>
> Thanks.
>
> Andy

-------- Logged at Wed Apr 6 23:03:27 MET DST 1994 ---------
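
The merge step described in the message above (only the password entry copied from a second file into the master password file), sketched as an added example that is not part of the original post or of the rash code. The two-field submission format, the 13-character crypt(3) hash pattern, the allow-list of users and the refusal to touch uid 0 entries are all assumptions made for the illustration.

```python
import re

# Assumption: traditional 13-character crypt(3) hashes; adjust for other schemes.
HASH_RE = re.compile(r"[./0-9A-Za-z]{13}")
NAME_RE = re.compile(r"[a-z_][a-z0-9_-]{0,31}")


def parse_submissions(text):
    """Read 'user:hash' lines from the file the restricted users can write.

    Returns (accepted dict, rejected list). Anything but exactly two valid
    fields is rejected, so a shell, uid or home directory cannot ride along.
    """
    accepted, rejected = {}, []
    for line in text.splitlines():
        fields = line.split(":")
        if (len(fields) != 2 or not NAME_RE.fullmatch(fields[0])
                or not HASH_RE.fullmatch(fields[1])):
            rejected.append(line)
            continue
        accepted[fields[0]] = fields[1]  # last valid entry wins
    return accepted, rejected


def merge_passwords(master_text, submissions, allowed_users):
    """Return master passwd text with only field 2 replaced for allowed users."""
    out = []
    for line in master_text.splitlines():
        f = line.split(":")
        # Touch only well-formed 7-field entries of non-root, allow-listed users.
        if (len(f) == 7 and f[0] in allowed_users and f[2] != "0"
                and f[0] in submissions):
            f[1] = submissions[f[0]]
        out.append(":".join(f))
    return "\n".join(out) + "\n"


# Constructed sample data (hypothetical users, hashes and paths).
MASTER = ("root:" + "a" * 13 + ":0:0:root:/:/bin/sh\n"
          + "andy:" + "b" * 13 + ":101:100:Andy:/home/andy:/usr/local/bin/rash\n")
SUBMITTED = ("andy:" + "c" * 13 + "\n"
             + "root:" + "d" * 13 + "\n"
             + "andy:" + "e" * 13 + ":0:0::/:/bin/sh\n")

if __name__ == "__main__":
    subs, bad = parse_submissions(SUBMITTED)
    print(merge_passwords(MASTER, subs, allowed_users={"andy"}), end="")
    print("rejected:", bad)
```

The merge job itself would run outside the chroot under an account that can write the master file, reading the submission file as untrusted input.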