Date: Fri, 16 Mar 2001 08:19:32 +0100 (CET) From: Udo Schweigert <ust@cert.siemens.de> To: FreeBSD-gnats-submit@freebsd.org Subject: conf/25845: Little bug in /etc/security Message-ID: <200103160719.f2G7JW333470@alaska.cert.siemens.de>
next in thread | raw e-mail | index | archive | help
>Number: 25845
>Category: conf
>Synopsis: Improvement for /etc/security
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Thu Mar 15 23:20:01 PST 2001
>Closed-Date:
>Last-Modified:
>Originator: Udo Schweigert
>Release: FreeBSD 4.3-BETA i386
>Organization:
>Environment:
System: FreeBSD alaska.cert.siemens.de 4.3-BETA FreeBSD 4.3-BETA #12: Tue Mar 13 10:10:56 CET 2001 ust@alaska.cert.siemens.de:/usr/obj/work/src/RELENG_4/sys/alaska i386
>Description:
/etc/security gives a list of uid 0 accounts. When looking into
/etc/master.passwd it does not ignore comments. Thus a comment like this:
# $Ust: hosts/merkur/master.passwd,v 1.2 2001/01/30 15:00:13 ust Exp $
gives a nonexisting account (# $Ust) because the third field (if having ":" as
field separator) is equal to zero.
Since /etc/master.passwd could change in the future there is some
chance of having "00" as third field in # $FreeBSD$, this should be fixed.
>How-To-Repeat:
>Fix:
--- security.orig Wed Mar 7 14:45:43 2001
+++ security Fri Mar 16 08:06:37 2001
@@ -117,7 +117,7 @@
separator
echo 'Checking for uids of 0:'
-n=$(awk -F: '$3==0 {print $1,$3}' /etc/master.passwd |
+n=$(awk -F: '/^#/ {next} $3==0 {print $1,$3}' /etc/master.passwd |
tee /dev/stderr |
sed -e '/^root 0$/d' -e '/^toor 0$/d' |
wc -l)
>Release-Note:
>Audit-Trail:
>Unformatted:
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200103160719.f2G7JW333470>