Date: Fri, 16 Mar 2001 08:19:32 +0100 (CET) From: Udo Schweigert <ust@cert.siemens.de> To: FreeBSD-gnats-submit@freebsd.org Subject: conf/25845: Little bug in /etc/security Message-ID: <200103160719.f2G7JW333470@alaska.cert.siemens.de>
next in thread | raw e-mail | index | archive | help
>Number: 25845 >Category: conf >Synopsis: Improvement for /etc/security >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Thu Mar 15 23:20:01 PST 2001 >Closed-Date: >Last-Modified: >Originator: Udo Schweigert >Release: FreeBSD 4.3-BETA i386 >Organization: >Environment: System: FreeBSD alaska.cert.siemens.de 4.3-BETA FreeBSD 4.3-BETA #12: Tue Mar 13 10:10:56 CET 2001 ust@alaska.cert.siemens.de:/usr/obj/work/src/RELENG_4/sys/alaska i386 >Description: /etc/security gives a list of uid 0 accounts. When looking into /etc/master.passwd it does not ignore comments. Thus a comment like this: # $Ust: hosts/merkur/master.passwd,v 1.2 2001/01/30 15:00:13 ust Exp $ gives a nonexisting account (# $Ust) because the third field (if having ":" as field separator) is equal to zero. Since /etc/master.passwd could change in the future there is some chance of having "00" as third field in # $FreeBSD$, this should be fixed. >How-To-Repeat: >Fix: --- security.orig Wed Mar 7 14:45:43 2001 +++ security Fri Mar 16 08:06:37 2001 @@ -117,7 +117,7 @@ separator echo 'Checking for uids of 0:' -n=$(awk -F: '$3==0 {print $1,$3}' /etc/master.passwd | +n=$(awk -F: '/^#/ {next} $3==0 {print $1,$3}' /etc/master.passwd | tee /dev/stderr | sed -e '/^root 0$/d' -e '/^toor 0$/d' | wc -l) >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200103160719.f2G7JW333470>