Unix security suggestion

Juergen Wagner gandalf at csli.STANFORD.EDU
Wed Nov 23 10:40:20 AEST 1988


Empty lines or comments in /etc/passwd caused the ::0:0:: or #::0:0:: lines.
Every time somebody changes his/her password, the passwd program would read
/etc/passwd, taking the respective lines for entries with an empty user name,
uid zero, etc., and later write them out. Since some entries would contain
a newline char as username, the number of these phantom user entries would
grow with each change made to any password on the system...

I hope people aren't using the buggy version of passwd any more...

-- 
Juergen Wagner		   			gandalf at csli.stanford.edu
						 wagner at arisia.xerox.com



More information about the Comp.unix.wizards mailing list