Date: Thu, 16 Mar 1995 09:40:01 -0800 From: roottcsh@alano.diatel.upm.es To: freebsd-bugs Subject: misc/245: all users imported from YP have UID 0 Message-ID: <199503161740.JAA14341@freefall.cdrom.com> In-Reply-To: Your message of Thu, 16 Mar 1995 18:34:00 %2B0100 <199503161734.SAA01942@alano.diatel.upm.es>
next in thread | previous in thread | raw e-mail | index | archive | help
>Number: 245 >Category: misc >Synopsis: all users imported from YP have UID 0 >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-bugs (FreeBSD bugs mailing list) >State: open >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Thu Mar 16 09:40:00 1995 >Originator: Operator >Organization: >Release: FreeBSD 2.0-RELEASE i386 >Environment: YP/NIS served by a machine running SunOS 4.1.1. FreeBSD machine (YP client) has the DES patches from skeleton.mikom.csir.co.za installed >Description: When YP is activated by adding the special "+" entry to the password database, all users imported from YP have UID 0 and GID 0. >How-To-Repeat: Activate YP and add the special "+" entry to /etc/passwd (with vipw). Then execute "id anyone". If that user exists in the YP/NIS database, it will be listed with UID and GID 0, instead of its real UID and GID. Also, if you attempt to "su" to it, you won't be able, unless you are in group wheel. If you attempt to login as that user, you won't be allowed, unless the terminal is secure. Of course, that means that any user listed in the YP database that has access to a secure terminal can be root just by logging with his usual name and password. >Fix: Not known. This didn't happen under FreeBSD 1.1R. >Audit-Trail: >Unformatted: :
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199503161740.JAA14341>