>Since SUNs come with a yppasswd program which is also suid'ed (and is >bit for bit identical to passwd -- chfn, chsh, ypchfn, ypchsh are all >links to passwd, but yppasswd is a separate copy.), it needs to be >updated also (seems to not have the -F switch, but do > ln -s /bin/yppasswd /tmp/passwd > /tmp/passwd -F >and you are back where you started from.) For those sites with a user population that exists in NIS maps exclusively, a simple chmod u-s /bin/passwd suffices. We have no users with valid passwords in /etc/passwd, except for root, in /etc/passwd. We've run /bin/passwd w/o set-uid for some time, works ok. Casper