From owner-freebsd-hackers Fri Jul 12 19: 4:50 2002 Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 99EE137B400 for ; Fri, 12 Jul 2002 19:04:48 -0700 (PDT) Received: from srv1.cosmo-project.de (srv1.cosmo-project.de [213.83.6.106]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8740F43E58 for ; Fri, 12 Jul 2002 19:04:47 -0700 (PDT) (envelope-from ticso@cicely5.cicely.de) Received: from cicely5.cicely.de (cicely5.cicely.de [IPv6:3ffe:400:8d0:301:200:92ff:fe9b:20e7]) (authenticated bits=0) by srv1.cosmo-project.de (8.12.3/8.12.3) with ESMTP id g6D245Ma017895 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=OK); Sat, 13 Jul 2002 04:04:13 +0200 (CEST) (envelope-from ticso@cicely5.cicely.de) Received: from cicely5.cicely.de (localhost [IPv6:::1]) by cicely5.cicely.de (8.12.1/8.12.1) with ESMTP id g6D244FJ019885 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO); Sat, 13 Jul 2002 04:04:04 +0200 (CEST)?g (envelope-from ticso@cicely5.cicely.de) Received: (from ticso@localhost) by cicely5.cicely.de (8.12.1/8.12.1/Submit) id g6D2424L019884; Sat, 13 Jul 2002 04:04:02 +0200 (CEST)?g (envelope-from ticso) Date: Sat, 13 Jul 2002 04:04:02 +0200 From: Bernd Walter To: void Cc: Bogdan TARU , freebsd-hackers@FreeBSD.ORG Subject: Re: security problem in sysctl? Message-ID: <20020713020401.GU63545@cicely5.cicely.de> Reply-To: ticso@cicely.de References: <20020710142627.F89292-100000@fw.cgn.icom> <20020712212335.GA29890@parhelion.firedrake.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20020712212335.GA29890@parhelion.firedrake.org> X-Operating-System: FreeBSD cicely5.cicely.de 5.0-CURRENT i386 User-Agent: Mutt/1.5.1i Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Fri, Jul 12, 2002 at 10:23:35PM +0100, void wrote: > On Wed, Jul 10, 2002 at 02:30:19PM +0200, Bogdan TARU wrote: > > > > Hi guys, > > > > I have just rebooted my machine, and immediately after boot I have run > > 'sysctl -a' as an usual user. Well, in 'kern.msgbuf' I have found the > > whole master.passwd file, with combinations of usernames/passwords. Isn't > > that a security threat? > > Do you know how it got in there in the first place? I'd say that's the > security problem. I would asume something like editing the passwd in single use mode. kern.msgbuf should be closed for non root users - IMO. -- B.Walter COSMO-Project http://www.cosmo-project.de ticso@cicely.de Usergroup info@cosmo-project.de To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message