On Thu, 24 Aug 2006, Neal Becker wrote:

> Ralf Ertzinger wrote:
>
> > Hi.
> >
> > On Thu, 24 Aug 2006 11:04:26 -0400, Neal Becker wrote:
> >
> >> http://www.openwall.com/presentations/Owl/mgp00020.html
> >
> > Hmmm. What is the advantage of this scheme? The first disadvantage
> > that springs to my mind is that any attacker that gains user privileges
> > (browser bug or whatever) can suddenly change the user password.
> >
>
> How is that a disadvantage, compared to existing systems? With previous
> systems, if you gain user priv you can also change user password. I think
> the idea of tcb is that's all you can do. No suid root stuff is used.
> (Honestly, I don't know much about tcb - I just thought it might be of
> interest)

I think Ralf was thinking that tcb would permit something conceptually
along the lines of

    $ vi /etc/tcb/`id -un`/shadow

to change your existing passwd w/o having to know it

The permissions on /etc/tcb should prevent that though -- only an sgid
shadow app (the passwd command) can be used....

later,
chris
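
Added example, not part of the thread: a small Python model of the classic Unix owner/group/other check, showing why the permissions on /etc/tcb stop the `vi` edit above while an sgid shadow `passwd` gets through. The owners, groups and modes in `TREE` and the user names are assumptions for illustration, not values given in the posts.

```python
# Constructed model of Unix discretionary access checks; not tcb or kernel code.
from dataclasses import dataclass

R, W, X = 4, 2, 1

@dataclass(frozen=True)
class Node:
    uid: str
    gid: str
    mode: int  # permission bits only

@dataclass(frozen=True)
class Proc:
    euid: str
    egids: frozenset

# Assumed layout (owner, group, mode); the thread itself does not list these.
TREE = {
    "/": Node("root", "root", 0o755),
    "/etc": Node("root", "root", 0o755),
    "/etc/tcb": Node("root", "shadow", 0o710),
    "/etc/tcb/alice": Node("alice", "auth", 0o710),
    "/etc/tcb/alice/shadow": Node("alice", "auth", 0o640),
}

def allowed(proc, node, want):
    """Exactly one class applies: owner, else group, else other (no fallthrough)."""
    if proc.euid == node.uid:
        bits = node.mode >> 6
    elif node.gid in proc.egids:
        bits = node.mode >> 3
    else:
        bits = node.mode
    return (bits & 7) & want == want

def can_access(proc, path, want):
    """Need search (x) on every directory along the path, then `want` on the target."""
    parts = path.strip("/").split("/")
    dirs = ["/"] + ["/" + "/".join(parts[:i]) for i in range(1, len(parts))]
    if not all(allowed(proc, TREE[d], X) for d in dirs):
        return False
    return allowed(proc, TREE[path], want)

TARGET = "/etc/tcb/alice/shadow"
editor = Proc("alice", frozenset({"users"}))            # vi started by alice
passwd = Proc("alice", frozenset({"users", "shadow"}))  # sgid shadow passwd run by alice
other = Proc("bob", frozenset({"users", "shadow"}))     # sgid shadow passwd run by bob

if __name__ == "__main__":
    for name, proc in (("editor", editor), ("passwd", passwd), ("other", other)):
        print(name, "can write", TARGET, "->", can_access(proc, TARGET, W))
```

In this model alice owns her shadow file, but without the shadow group she cannot search /etc/tcb to reach it; the same sgid shadow process running as another user is stopped one level down, at alice's own directory.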