Bugtraq archives for 4th quarter (Oct-Dec) 1997: Re: Buffer Overrun / DOS in /bin/passwd (at least Redhat Linux

Re: Buffer Overrun / DOS in /bin/passwd (at least Redhat Linux

Theo de Raadt (deraadtCVS.OPENBSD.ORG)
Fri, 19 Dec 1997 15:08:27 -0700

In OpenBSD, we constrain the password line to be 1023 characters long
(_including_ expansion in the gecos field of all cases of '&' ->
username).

Perhaps this strict constraint isn't the perfect solution to the
problem, but it sure has stopped a few root holes.  One day we'll
rewrite it better: allow longer lengths, but check in lots of places.
(However a current benefit of this scheme is that the 1023 character
constraint also helps for the YP server case).


This solution saved us from the sendmail overflow in buildfname().
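
The check described in the message above, as an added example (not OpenBSD's code and not part of the original post): measure a passwd(5) line as it will be after every '&' in the gecos field is expanded to the login name, and reject it if that exceeds 1023 characters. The function names, the seven-field layout check and the sample line are assumptions made for this illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define PW_LINE_MAX 1023        /* limit quoted in the post */

/*
 * Length of a passwd line once each '&' in the gecos field (5th field)
 * is replaced by the login name (1st field). Returns 0 for a malformed
 * line (empty login name, or not exactly 7 colon-separated fields) and a
 * value above PW_LINE_MAX as soon as the raw line alone is too long.
 */
size_t pw_expanded_len(const char *line)
{
    const char *name_end = strchr(line, ':');
    size_t name_len, len = 0, amps = 0;
    int field = 0;

    if (name_end == NULL || name_end == line)
        return 0;
    name_len = (size_t)(name_end - line);

    for (const char *p = line; *p != '\0' && *p != '\n'; p++) {
        if (++len > PW_LINE_MAX)
            return len;         /* bail out early; also keeps the sum below small */
        if (*p == ':')
            field++;
        else if (*p == '&' && field == 4)
            amps++;             /* only '&' inside gecos is expanded */
    }
    if (field != 6)
        return 0;
    /* each '&' (1 char) becomes name_len chars */
    return len + amps * (name_len - 1);
}

/* Nonzero only if the line is well formed and fits after expansion. */
int pw_line_ok(const char *line)
{
    size_t n = pw_expanded_len(line);
    return n != 0 && n <= PW_LINE_MAX;
}

int main(void)
{
    const char *sample = "bob:x:1000:1000:& Smith:/home/bob:/bin/sh"; /* constructed */
    printf("expanded=%zu ok=%d\n", pw_expanded_len(sample), pw_line_ok(sample));
    return pw_line_ok(sample) ? 0 : 1;
}
```

Measuring the expanded length matters because a short raw line can still outgrow a fixed buffer in any consumer that performs the '&' substitution itself.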