From owner-freebsd-security Sun Feb 14 12:09:39 1999 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id MAA02967 for freebsd-security-outgoing; Sun, 14 Feb 1999 12:09:39 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from asteroid.svib.ru (asteroid.svib.ru [195.151.166.145]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id MAA02958 for ; Sun, 14 Feb 1999 12:09:30 -0800 (PST) (envelope-from tarkhil@asteroid.svib.ru) Received: from shuttle.svib.ru (root@shuttle.svib.ru [195.151.166.144]) by asteroid.svib.ru (8.9.1a/8.9.1) with ESMTP id XAA05073 for ; Sun, 14 Feb 1999 23:09:21 +0300 (MSK) Received: from shuttle.svib.ru (tarkhil@minas-tirith.pol.ru [127.0.0.1]) by shuttle.svib.ru (8.8.8/8.8.8) with ESMTP id XAA01375 for ; Sun, 14 Feb 1999 23:10:35 +0300 (MSK) (envelope-from tarkhil@shuttle.svib.ru) Message-Id: <199902142010.XAA01375@shuttle.svib.ru> X-Mailer: exmh version 2.0.2 2/24/98 To: security@FreeBSD.ORG Reply-To: tarkhil@asteroid.svib.ru Subject: Security bug in getpwent? X-URL: http://freebsd.svib.ru Mime-Version: 1.0 Content-Type: text/plain; charset=koi8-r Content-Transfer-Encoding: 8bit Date: Sun, 14 Feb 1999 23:10:34 +0300 From: Alex Povolotsky Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hello! I've just noticed that getpwent, returning * as password, doesn't set _PWF_PASS in pw_fields, allowing anyone logged in locally to find all non-passworded accounts and leaving absolutely no traces. I'd consider it a bug. The patch is trivial, should I make it and post? Alex. -- Alexander B. Povolotsky [ICQ 18277558] [2:5020/145] [http://freebsd.svib.ru] [tarkhil@asteroid.svib.ru] [Urgent messages: 234-9696 ΑΒ.#35442 or tarkhil@pager.express.ru] To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message