Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!henry
From: henry@utzoo.UUCP (Henry Spencer)
Newsgroups: hacknews
Subject: /etc/passwd gets its own owner 
Message-ID: <3759@utzoo.UUCP>
Date: Tue, 17-Apr-84 13:21:29 EST
Article-I.D.: utzoo.3759
Posted: Tue Apr 17 13:21:29 1984
Date-Received: Tue, 17-Apr-84 13:21:29 EST
Organization: U of Toronto Zoology
Lines: 11

Implemented an idea that occurred to me a little while ago:  a separate
uid (and gid) for the password file.  This is better than having it owned
by bin, because it means that compromising bin's security (e.g. by some
hole in a setuid-bin program, of which there are several) (programs, not
holes!) no longer compromises the security of the entire system.  The
passwd program's ownership has been changed to match, as has (sigh) the
ownership of /etc, which has to be writeable to the passwd program so
it can create lock files and temporaries there.
-- 
				Henry Spencer @ U of Toronto Zoology
				{allegra,ihnp4,linus,decvax}!utzoo!henry