Re: Sun Patch Id #102060-01

der Mouse (mouse@Collatz.McRCIM.McGill.EDU)
Tue, 20 Dec 1994 06:43:42 -0500

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: bmanning@isi.edu: "Re: Re: Re: Sun Patch Id #102060-01"
Previous message: Mark: "Re: bugtraq misinformation"
Maybe in reply to: Mitch Wright: "Sun Patch Id #102060-01"
Next in thread: Jon Peatfield: "Re: Sun Patch Id #102060-01"

> [on modern SunOS,] using the -F option will get the message saying
> something like "user cannot open -F file <filename>" or something
> similar (I forget exact message).

> It refuses to work unless the user is root, or the filename is in
> /etc/pwfiles as a full pathname.  If the file does not exist, only
> root can use the -F option.

Kinda sad, because passwd -F is mildly useful, and it's really really
easy to make it secure: just permanently throw away all elevated
privilege as soon as the -F is noticed on the command line.  Then
proceed to run as normal.

Actually, perhaps it should be throw away all privilege if the file
given isn't in /etc/pwfiles.  That gives the best of both worlds.

					der Mouse

			    mouse@collatz.mcrcim.mcgill.edu

Next message: bmanning@isi.edu: "Re: Re: Re: Sun Patch Id #102060-01"
Previous message: Mark: "Re: bugtraq misinformation"
Maybe in reply to: Mitch Wright: "Sun Patch Id #102060-01"
Next in thread: Jon Peatfield: "Re: Sun Patch Id #102060-01"