From owner-freebsd-security Mon Jan 29 16:34:23 1996
Date: Mon, 29 Jan 1996 19:33:23 -0500 (EST)
From: Brian Tao
To: freebsd-security@freebsd.org
Subject: Re: Temporary passwd files in /etc?
In-Reply-To: <199601282315.JAA08301@genesis.atrad.adelaide.edu.au>
Sender: owner-security@freebsd.org

On Mon, 29 Jan 1996, Michael Smith wrote:
>
> The second is probably an emacs backup file. It looks like root has
> emacs as its editor, or someone su'd to root and root's .cshrc doesn't
> override EDITOR, and also has a really bogus umask setting. This is a
> _really_good_ reason not to ever use emacs as root's editor.

It turns out that our programmer was testing out a perl-based passwd
file massager that created a temporary file with a ~ at the end (he is
an emacs user). He had inadvertently set his umask in the perl script
to (umask() & 700) rather than 077, and that's how it ended up mode 666.

> The former; hmm. .orig is a patch(1) thing; have you used diff/patch to
> pass changes to your password database around?

I don't know about this one. It was created before the perl script was
in use and thankfully did not contain a copy of the encrypted passwords.

Thanks to all who mailed back suggestions about the origins of the
passwd files.

--
Brian Tao (BT300, taob@io.org)
Systems Administrator, Internex Online Inc.
"Though this be madness, yet there is method in't"
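
The umask slip described in the message above, as an added example that is not part of the original post: it evaluates the `umask() & 700` expression the way Perl would (a bare 700 is decimal), creates a file under the resulting mask and under 077, and audits a directory for writable passwd backup copies. The inherited umasks 002 and 022 and all function names are assumptions made for the illustration.

```python
import os
import shutil
import stat
import tempfile

BACKUP_SUFFIXES = ("~", ".orig")  # the two file kinds discussed in the thread

def effective_mask(inherited, literal=700):
    """The post's expression umask() & 700; Perl reads a bare 700 as decimal."""
    return inherited & literal

def create_mode(mask, name="passwd~", requested=0o666):
    """Create `name` in a scratch directory under umask `mask`; return its mode bits."""
    scratch = tempfile.mkdtemp()  # made before the umask change
    old = os.umask(mask)
    try:
        path = os.path.join(scratch, name)
        os.close(os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, requested))
        return stat.S_IMODE(os.stat(path).st_mode)
    finally:
        os.umask(old)  # umask is process-wide, so always restore it
        shutil.rmtree(scratch, ignore_errors=True)

def loose_passwd_copies(directory):
    """Return sorted (name, mode) for passwd backup files that group or other can write."""
    hits = []
    for entry in os.scandir(directory):
        if not entry.is_file(follow_symlinks=False):
            continue
        if "passwd" in entry.name and entry.name.endswith(BACKUP_SUFFIXES):
            mode = stat.S_IMODE(entry.stat(follow_symlinks=False).st_mode)
            if mode & 0o022:  # group-writable or world-writable
                hits.append((entry.name, mode))
    return sorted(hits)

if __name__ == "__main__":
    for inherited in (0o002, 0o022):  # assumed inherited umasks
        buggy = effective_mask(inherited)
        print(f"umask {inherited:03o}: & 700 -> {buggy:03o}, "
              f"file mode {create_mode(buggy):03o}")
    print(f"umask 077: file mode {create_mode(0o077):03o}")
    print(loose_passwd_copies("/etc"))
```

Under either assumed inherited umask the masked value leaves the world-write bit clear in the umask, so the temporary file stays writable by everyone; only the explicit 077 yields an owner-only file.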