change to vncpasswd requested
Boyce, David
David.Boyce "at" Fmr.com
Fri, 25 Sep 1998 22:21:27 +0000
I'd like to request a small change to the vncpasswd program. Right now it
always forces the passwd file to mode 600; I'd prefer it to create the file
with mode 600, but if it finds it with a different mode, leave it alone. At
least leave read bits in place; you'd probably always want to do the "chmod
go-wx" equivalent. Here's the reason: I'm running Xvnc via an Xservers file,
ie letting xdm manage it. And I want to let users keep their password files
on an NFS-mounted filesystem so they don't need to maintain a different one
for each system they might VNC to. This all works beautifully - the only
problem is that since xdm is reading the file as root, and since root
typically comes across NFS as "nobody", it can't open a file with mode 600
if it's owned by the user. I have no problem with having to do a "chmod a+r"
on the password file the first time it's created; the problem is that
whenever a user changes his password his authentication mysteriously starts
failing because vncpasswd set the mode back to 600.
Please let me know if this seems doable or if there's a major problem with
it.
-David Boyce
Here's a sample (untested) context diff.
*** vncauth.c Mon Jun 15 06:13:52 1998
--- vncauth.c.new Fri Sep 25 16:54:55 1998
***************
*** 51,60 ****
int i;
unsigned char encryptedPasswd[8];
! if ((fp = fopen(fname,"w")) == NULL) return 1;
- chmod(fname, S_IRUSR|S_IWUSR);
-
/* pad password with nulls */
for (i = 0; i < 8; i++) {
--- 51,63 ----
int i;
unsigned char encryptedPasswd[8];
! if (access(fname, F_OK)) {
! if ((fp = fopen(fname,"w")) == NULL) return 1;
! chmod(fname, S_IRUSR|S_IWUSR);
! } else {
! if ((fp = fopen(fname,"w")) == NULL) return 1;
! }
/* pad password with nulls */
for (i = 0; i < 8; i++) {
---------------------------------------------------------------------
The VNC mailing list - see http://www.orl.co.uk/vnc/intouch.html
---------------------------------------------------------------------