Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!linus!security!genrad!mit-eddie!mit-vax!eagle!mhuxt!mhuxi!mhuxa!houxm!hocda!spanky!burl!duke!unc!tim
From: tim@unc.UUCP
Newsgroups: net.unix-wizards
Subject: Re: Security
Message-ID: <5530@unc.UUCP>
Date: Sun, 10-Jul-83 14:21:04 EDT
Article-I.D.: unc.5530
Posted: Sun Jul 10 14:21:04 1983
Date-Received: Mon, 11-Jul-83 09:21:03 EDT
References: ukc.3852
Lines: 13


    It is not true that only login and passwd need to read
/etc/passwd.  The GCOS field is used for maintenance of a user
information database on many systems, requiring that the file be
readable by finger as well.  Of course, finger could be made setuid to
root, or a different file could be used for the database.

______________________________________
The overworked keyboard of Tim Maroney

duke!unc!tim (USENET)
tim.unc@udel-relay (ARPA)
The University of North Carolina at Chapel Hill