LinuxSA Mailing list archives

Index: [thread] [date] [subject] [author]

  From: Alan Kennington <akenning@dog.topology.org>
  To  : aaharwoo@teaching.cs.adelaide.edu.au
  Date: Wed, 24 Mar 1999 13:18:12 +1030

Re: Login

Andrew,

That's almost certainly the right answer.

================================================================
> On Wed, 24 Mar 1999, Robyn Manning wrote:
>
> > I have installed Red Hat Linux 5.2 on my computer, all was fine. I was
> > using the login of root and the password. I created a user and gave them a
> > password. I shut down the computer and restarted Linux. I can no longer
> > login to Linux with either login. I get the message invalid login.
> > 
> Did you accidently change the root password instead of the user's?
>
> ------------------------------------------------------------------------
> Andrew Harwood             3rd Year Bachelor of Computer Science student 
> aaharwoo@cs.adelaide.edu.au                       University of Adelaide
>
> Apple and Microsoft working together in harmony? I'd like to see that.
> ------------------------------------------------------------------------
=================================================================

Under linux, the "real" user ID, not the "effective" user ID is used
for the passwd command. So when root does "su" to a user,
the "real" user ID "root" is used instead of the user ID that
is more logical.

This is pretty much so on other unixes also.
But....

I think that linux does this crazy sort of thing also 
for shells (i.e. if you type "csh" as root, your "real" ID
is still "root" etc. etc.).

But then if you try to become "really" root from an ordina5ry
account using "rsh", you can fall foul of the "PAM" configuration.

This has the very sad consequence that if you log in
habitually as an ordinary user and execute "startx" etc.,
then you can't become "really" root wihtout fiddling with the
PAM configuration. Adn that means that you can't
do backups to the "ftape" device, which looks at the
"real" user ID only.

This is one of the complaints that I ahve about linux.
Just one of the many reasons why people who think that linux
will be the dominant desktop OS in 12 months will be
disappointed. The "su" and "csh" behaviour, combined with
the overuse of the "real user ID" by applications software,
results in incomprehensible behaviour, which should be
fixed, in my opinion.

The original idea of keeping track fo the "real" user ID was
to increase security. But in my opinion, too much
functionality has been sacrificed.
(In all systems, there's a security/functionality trade-off,
I believe.)

To be just a bit controversial, I think that linux is not
yet ready to take over from other unixes, let alone the
MS and Mac OSs.
And this bizarre "passwd" behaviour is
just the ant at the top of the iceberg.

Cheerio,
Alan Kennington.

-- 
Check out the LinuxSA web pages at http://www.linuxsa.org.au/
To unsubscribe from the LinuxSA list:
  mail linuxsa-request@linuxsa.org.au with "unsubscribe" as the subject

Index: [thread] [date] [subject] [author]

Return to the LinuxSA Mailing List Information Page