Date: Fri, 8 Jan 1999 17:17:18 -0500 (EST) From: Barrett Richardson <brich@aye.net> To: Jared Mauch <jared@puck.nether.net> Cc: freebsd-security@FreeBSD.ORG Subject: Re: 3.0 rel pwd_mkdb problem(patch) Message-ID: <Pine.BSF.3.96.990108171019.12973A-100000@phoenix.aye.net> In-Reply-To: <19990108003140.A13277@puck.nether.net>
index | next in thread | previous in thread | raw e-mail
On Fri, 8 Jan 1999, Jared Mauch wrote: > > I've had a problem recently with people breaking root > and installing accounts with *no* uid in their pw file entry, > that way everything comes up with zero for the uid, giving > the user root privs. I'm not sure how they're obtaining root yet, Maybe in addition to your patch you could log who is trying to run pwd_mkdb with the null id. You could also turn on process accounting and find out what else he was doing around the same time frame. Just a thought. - Barrett To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the messagehome | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.990108171019.12973A-100000>