SVR3 passwd changes mode of passwd file
Stephen Carroll
sbc at sp7040.UUCP
Tue Oct 4 02:33:59 AEST 1988
In article <384 at levels.sait.edu.au>, ccdn at levels.sait.edu.au (DAVID NEWALL) writes:
] In article <4827 at cbmvax.UUCP>, ditto at cbmvax.UUCP (Michael "Ford" Ditto) writes:
] > The complaint here is not about security or lack thereof, it's about
] > programs undoing the system administrator's actions.
] >
] > Where should this "enforced security" end? Should /bin/passwd also
] > chmod / to 555 mode as well? And what about /etc/? Should "ls"
] > remove world write permission from /dev/mem if it happens to discover
] > it?
]
] I haven't got the sources, so I don't know for sure... I imagine passwd
] writes a _brand new_ copy of /etc/passwd. So it's not a case of passwd
] "happening to discover" that the mode isn't 444. On the contrary, it's a
] case of passwd not noticing that the mode is other than 444.
According to the sources, David is correct.
Passwd creates a copy of /etc/passwd as /etc/ptmp, and makes the changes for the
new passwd there. After the passwd has been changed and verified, passwd links
/etc/passwd to /etc/opasswd, and then unlinks /etc/passwd. It then links
/etc/ptmp to /etc/passwd and unlinks /etc/ptmp. It does all this with
umask set to 0333, thereby ensuring a new file with mode 444. So it's not
really a case of not noticing that the old mode had been changed, but
really a case of not caring. If security is really a concern at all, this
is the only way (besides setting umask to 0777 1/2 :-) which this should work.
] -------------------------------------------------------------------------
] David Newall Phone: +61 8 343 3160
] South Australian Institute of Technology Fax: +61 8 349 6939
] The Levels, South Australia, 5095 E-mail: ccdn at pisa.sait.oz.AU
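The link/unlink sequence described in the post, replayed in a scratch directory as an added example; it is not the SVR3 source and not code from this thread. The scratch path, the 0666 creation mode and the sample passwd lines are constructed assumptions.

```c
#define _XOPEN_SOURCE 700
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

struct outcome { mode_t new_mode, saved_mode; int new_inode; };

/* Create a new file holding one constructed passwd line. */
static int put(const char *name, mode_t mode, const char *line)
{
    int fd = open(name, O_WRONLY | O_CREAT | O_EXCL, mode);
    if (fd < 0) return -1;
    dprintf(fd, "%s\n", line);
    return close(fd);
}

/* Replay the post's sequence in a scratch directory; returns 0 on success. */
int replay(mode_t admin_mode, struct outcome *out)
{
    char dir[] = "/tmp/ptmpdemoXXXXXX";   /* scratch dir standing in for /etc */
    struct stat before, after, saved;
    int rc = -1;
    if (!mkdtemp(dir) || chdir(dir) != 0) return -1;
    mode_t old_umask = umask(0);
    /* The administrator's file, given a mode other than 444. */
    if (put("passwd", 0600, "demo:oldhash:100:100::/:/bin/sh") == 0 &&
        chmod("passwd", admin_mode) == 0 && stat("passwd", &before) == 0) {
        umask(0333);                      /* 0666 & ~0333 == 0444 */
        if (put("ptmp", 0666, "demo:newhash:100:100::/:/bin/sh") == 0 &&
            link("passwd", "opasswd") == 0 && unlink("passwd") == 0 &&
            link("ptmp", "passwd") == 0 && unlink("ptmp") == 0 &&
            stat("passwd", &after) == 0 && stat("opasswd", &saved) == 0) {
            out->new_mode = after.st_mode & 0777;    /* mode of the new file */
            out->saved_mode = saved.st_mode & 0777;  /* old file keeps its mode */
            out->new_inode = after.st_ino != before.st_ino;
            rc = 0;
        }
    }
    unlink("passwd"); unlink("opasswd"); unlink("ptmp");
    umask(old_umask);
    if (chdir("/") == 0) rmdir(dir);
    return rc;
}

int main(void)
{
    struct outcome o;
    if (replay(0644, &o) != 0) return 1;
    printf("%03o %03o %d\n", (unsigned)o.new_mode, (unsigned)o.saved_mode, o.new_inode);
}
```

The administrator's mode survives only on opasswd, because passwd is now a different inode created under the 0333 umask.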