On Sun, Jun 05, John Kelly wrote:
On Fri, 03 Jun 2005 10:01:03 +0200, Thorsten Kukuk
wrote: Why did suse drop nss_db from 9.3?
Use nscd. Does the same
No it does not. I wonder why you sweep the facts under the rug.
Because it seems I know more then you about this?
And worse, nscd leaks user information, which is unacceptable in my environment.
This is pure FUD.
When /etc/passwd and the user db files are not world readable, unprivileged users cannot get a list of other users.
A simple /bin/ls will also fail. If /etc/passwd is not world readable, you can also delete it and don't need it. And your method makes it only a little bit harder to get the list of users, not impossible.
But with nscd running, any unprivileged user can write a trivial C program to list all users on the system, despite the fact that /etc/passwd and the user db files are *not* world readable. Want to see the silly and trivial code?
getent passwd. It is a well defined interface to list all users. No need to write a C program for that. Thorsten -- Thorsten Kukuk http://www.suse.de/~kukuk/ kukuk@suse.de SUSE LINUX Products GmbH Maxfeldstr. 5 D-90409 Nuernberg -------------------------------------------------------------------- Key fingerprint = A368 676B 5E1B 3E46 CFCE 2D97 F8FD 4E23 56C6 FB4B