So does anybody know more about this one??? I've tried a few things, but haven't figured it out yet. This wasn't mentioned here yet was it?? This is relevant parts of the README file from the patch release. If you want the entire patch -- URL ftp://sunsolve1.sun.com/pub/patches/patches.htm and click on the README file for this patch... Patch-ID# 102060-01 Keywords: security, SunOS, 4.1.x, passwd, -F, root, race-condition Synopsis: SunOS 4.1.3_U1: Root access possible via forced passwd race condition Date: Oct/28/94 Solaris Release: 1.1.1 SunOS Release: 4.1.3_U1 Xref: Patch 102023 is the 4.1.2, 4.1.3, 4.1.3C version of this patch. Relevant Architectures: sparc BugId's fixed with this patch: 1169007 Patches required with this patch: Obsoleted by: 4.1.4, 5.x Files included with this patch: /usr/bin/passwd Problem Description: 1169007: Security: Root access possible on SunOS 4.1.x via forced passwd race condition. Patch Installation Instructions: [...] This patch restricts the use of the passwd command's -F option to root, unless the system administrator explicitly permits non-root users to use the option for specifically-identified alternate password files. If you wish to permit such use, set up a file called /etc/pwfiles containing a line for each full path you wish to allow non-root users to specify as an argument to the -F option. Lines in /etc/pwfiles which do not begin with a "/" character are treated as comments; this effectively allows non-root users to use only fully-specified paths with -F. The use of the /etc/pwfiles file in this way is analogous to the way the /etc/shells file is used by the passwd command to restrict the shells non-root users can set up for themselves (you can see the passwd man page for more information on the /etc/shells file). Unauthorized non-root use of the -F flag produces the message: passwd: -F may not be specified for file <-F arg>.