home | help | back | first | fref | pref | prev | next | nref | lref | last | post |
Date: Thu, 20 Mar 1997 14:51:58 -0500 (EST) From: Bill Cattey <wdc@MIT.EDU> To: release-team@MIT.EDU To review: Under Solaris 2.3, if you type ^C when setting a password with the vanilla Sun /bin/passwd, it will set your password to carriage return. This situation was "improved" under Solaris 2.4. It would only do this SOMETIMES. The problem has been completely fixed in Solaris 2.5.1. At my insistance, a back-port of the Solaris 2.5.1 fix has been made and a test version has been delivered to me. ---- Question: What should we do with this? The fix consists of installing a new version of /usr/lib/libauth.so.1 and /usr/lib/security/unix_scheme.so.1. These files are currently stashed in /mit/solarisdev/bugs/passwd. Miki suggests that we inform the Consultants so that people can be warned of this exposure, but since we are so close to beginning work on the Summer release, that the effort of putting out a patch release with these libraries may not be justified. I think we should at least test this, and make some assessment of the cost/benefit. -wdc
home | help | back | first | fref | pref | prev | next | nref | lref | last | post |