Re: "passwd -F" vulnerability?
Pat Myrto (rwing!pat ole.cdac.com)
Tue, 10 May 94 16:15:56 PDT
- Next message: Pat Myrto: "Re: new iss stuff"
- Previous message: Pat Myrto: "Re: new iss stuff"
- In reply to: Mike Raffety: ""passwd -F" vulnerability?"
- Next in thread: Robert Lau: "Re: "passwd -F" vulnerability?"
"In the previous message, Mike Raffety said..."
>
> On some Unix systems (e.g., SunOS 4.x), passwd has a "-F" flag allowing
> you to specify the file to use (instead of /etc/passwd). It appears
> that the passwd program pays no attention to permissions on that file;
> it runs setuid to root (of course), and accesses the file without doing
> any permission checking.

So what? One can copy /etc/passwd and edit it with an EDITOR. So?
Login reads /etc/passwd, not whatever file the user chooses. Until
the user can write the changes into /etc/passwd (and sometimes
/etc/security/passwd.adjunct), he has accomplished NOTHING. Remember,
the passwd command does not determine account access.

[ ... ]

> I've just figured this out; is it a well-known bug? Are there any
> other consequences?

It's not a problem.

--
patrwing [If all fails, try: rwing!pat ole.cdac.com]
Pat Myrto - Seattle WA
"No one has the right to destroy another person's belief by demanding empirical evidence." -- Ann Landers, nationally syndicated advice columnist and Director at Handgun Control Inc.
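
Added example (not part of the original thread, and not SunOS code): a sketch of how a setuid-root program can have the kernel apply the invoking user's permissions to a caller-named file, the check the quoted question says is absent for "-F". The helper name open_as_real_user and the default path in main are assumptions made for illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper for a setuid-root program: open a caller-named file
 * with the invoking user's rights, so the kernel does the permission check.
 * Returns a file descriptor, or -1 with errno set. */
int open_as_real_user(const char *path, int flags)
{
    uid_t saved_euid = geteuid();
    gid_t saved_egid = getegid();
    struct stat st;
    int fd = -1, err = 0;

    /* Drop the group first; once euid is unprivileged setegid() may fail. */
    if (setegid(getgid()) != 0)
        return -1;
    if (seteuid(getuid()) == 0) {
        /* O_NOFOLLOW rejects a symlink as the final path component;
         * O_NONBLOCK keeps a FIFO from hanging the open. */
        fd = open(path, flags | O_NOFOLLOW | O_NOCTTY | O_NONBLOCK | O_CLOEXEC);
        if (fd < 0) {
            err = errno;
        } else if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode)) {
            err = EINVAL;               /* accept regular files only */
            close(fd);
            fd = -1;
        }
        /* Regain the saved effective uid before restoring the group. */
        if (seteuid(saved_euid) != 0) { err = errno; if (fd >= 0) close(fd); fd = -1; }
    } else {
        err = errno;
    }
    if (setegid(saved_egid) != 0) { err = errno; if (fd >= 0) close(fd); fd = -1; }
    errno = err;
    return fd;
}

int main(int argc, char **argv)
{
    int fd = open_as_real_user(argc > 1 ? argv[1] : "/etc/passwd", O_RDONLY);
    if (fd < 0) { fprintf(stderr, "refused: %s\n", strerror(errno)); return 1; }
    puts("opened with the caller's own permissions");
    close(fd);
    return 0;
}
```

The returned descriptor is used for all later reads and writes, so the file that was checked is the file that is accessed.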