http://bugzilla.novell.com/show_bug.cgi?id=540966 User suse@tlinx.org added comment http://bugzilla.novell.com/show_bug.cgi?id=540966#c8 L. A. Walsh <suse@tlinx.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Keywords| |security Platform|Other |x86-64 Flag| |CCB_Review? --- Comment #8 from L. A. Walsh <suse@tlinx.org> 2009-11-13 19:30:53 PST --- That sounds more like a bug with NIS -- how does a normal user login when they are not root? -- I.e. if nscd is NOT running, how does a normal user query NIS as 'root'. The manpage for nscd specifically says that it does NOT cache /etc/shadow, with the implication being that it doesn't do so for security reasons. If it is not caching /etc/shadow for security, then lookups achieve no benefit by going through nscd -- and there is no reason for it to be 'root'. Why is it called 'unscd' when it runs as 'nscd' in opensuse? is there some other version of the product where it is installed and runs as unscd? Maybe these two names should not be assumed to be the same version of the product, and maybe the unscd version runs in an environment with different needs than the nscd version of the product. The nscd version of the product runs just fine as user "nscd" -- a normal, unprivileged user. There have been no complaints or bug reports that I'm aware of about nscd not working. Are passwds even being checked through nscd? Perhaps the pam-password verification library calls don't even go through nscd because it does not cache /etc/shadow -- so there would be no benefit making some extra round trip through nscd to get to NIS or /etc/shadow. If it's not broken in 11.1 or 11.2, then why has no one complained about it not running as 'root'? People want it to be more secure by running as it's own user 'nscd', NOT less secure by running it as root. I'm not reopening this at this point, as it would be pointless unless we figure out why it is working as NOT-root on 11.1 and 11.2 (and probably 11.0, though I know it's running as root on 10.3). It's not that there's a known problem with nscd, but it's a matter of principle of running "more" programs with full privilege. It increases the attack surface of the TCB and is not desirable from a security standpoint. I'd like someone in security to review the necessity of this running as root when it has been working without problems in 11.1/.2 as non-root. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.