There are a few bugs in the nscd program included with glibc 2.1: - the default action for a nscd request if the request type is unknown is to abort(). As far as I can tell, this means that anyone can crash the nscd daemon by sending a request with a type that nscd does not understand. - nscd does not call setsid() when starting up as a daemon. This means that if root logs in and starts it, nscd will hold onto that controlling TTY until it is hung up. - nscd runs as root. This isn't necessary. It would be nice if it could be run as its own unprivileged user. I have a patch that implements fixes for all three of these: http://www.engin.umich.edu/caen/systems/Linux/code/patches/nscd-security.patch Adding the following %post/%preun scripts to the glibc spec file will create the nscd user that would be needed to run nscd as non-root: %post -n nscd /sbin/chkconfig --add nscd /usr/sbin/useradd -c "nscd caching daemon" \ -s /bin/false -r -d / nscd 2>/dev/null %preun -n nscd if [ $1 = 0 ] ; then /sbin/chkconfig --del nscd /usr/sbin/userdel nscd 2>/dev/null /usr/sbin/groupdel nscd 2>/dev/null fi I've sent these suggestions to the author of nscd but haven't received a response yet. Thanks, Chris Wing wingc.edu
assigned to jakub
Still an issue w/ nscd-2.1.91-2 from Rawhide.
Fixed in glibc-2.1.92