From owner-freebsd-bugs Thu Mar 16 09:40:02 1995 Return-Path: bugs-owner Received: (from majordom@localhost) by freefall.cdrom.com (8.6.10/8.6.6) id JAA14348 for bugs-outgoing; Thu, 16 Mar 1995 09:40:02 -0800 Received: (from gnats@localhost) by freefall.cdrom.com (8.6.10/8.6.6) id JAA14341; Thu, 16 Mar 1995 09:40:01 -0800 Date: Thu, 16 Mar 1995 09:40:01 -0800 Message-Id: <199503161740.JAA14341@freefall.cdrom.com> From: roottcsh@alano.diatel.upm.es Reply-To: roottcsh@alano.diatel.upm.es To: freebsd-bugs Subject: misc/245: all users imported from YP have UID 0 In-Reply-To: Your message of Thu, 16 Mar 1995 18:34:00 +0100 <199503161734.SAA01942@alano.diatel.upm.es> Sender: bugs-owner@FreeBSD.org Precedence: bulk >Number: 245 >Category: misc >Synopsis: all users imported from YP have UID 0 >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-bugs (FreeBSD bugs mailing list) >State: open >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Thu Mar 16 09:40:00 1995 >Originator: Operator >Organization: >Release: FreeBSD 2.0-RELEASE i386 >Environment: YP/NIS served by a machine running SunOS 4.1.1. FreeBSD machine (YP client) has the DES patches from skeleton.mikom.csir.co.za installed >Description: When YP is activated by adding the special "+" entry to the password database, all users imported from YP have UID 0 and GID 0. >How-To-Repeat: Activate YP and add the special "+" entry to /etc/passwd (with vipw). Then execute "id anyone". If that user exists in the YP/NIS database, it will be listed with UID and GID 0, instead of its real UID and GID. Also, if you attempt to "su" to it, you won't be able, unless you are in group wheel. If you attempt to login as that user, you won't be allowed, unless the terminal is secure. Of course, that means that any user listed in the YP database that has access to a secure terminal can be root just by logging with his usual name and password. >Fix: Not known. This didn't happen under FreeBSD 1.1R. >Audit-Trail: >Unformatted: :