[1060] in WWW Security List Archive
Re: netscape and /etc/passwd
daemon@ATHENA.MIT.EDU (Jeff Weinstein)
Fri Oct 20 10:24:29 1995
To: www-security@ns1.rutgers.edu
From: Jeff Weinstein <jsw@netscape.com>
Date: Fri, 20 Oct 1995 04:32:25 -0700
Errors-To: owner-www-security@ns2.rutgers.edu
Michael Reuschling wrote:
>
> I had a problem with netscape for SunOS 4.1.3 startups,
> so i traced it and figured out, that netscape reads the /etc/passwd-
> file.
>
> The trace-output was the following:
>
> [...]
> open ("/etc/passwd", 0, 0666) = 4
> ioctl (4, 0x40125401, 0xefffd514) = -1 ENOTTY (Inappropriate ioctl for device)
> fstat (4, 0xefffd588) = 0
> brk (0x349170) = 0
> read (4, "root:hNJ93kdb9E3sQ:0:1:Operator:".., 8192) = 514
> close (4) = 0
> open ("/etc/passwd", 0, 0666) = 4
> ioctl (4, 0x40125401, 0xefffd514) = -1 ENOTTY (Inappropriate ioctl for device)
> fstat (4, 0xefffd588) = 0
> read (4, "root:hNJ93kdb9E3sQ:0:1:Operator:".., 8192) = 514
> getpid () = 6561
> [...]
>
> Does anybody know, why netscape is doing this? If it would read the
> line for my uid, it would not border me, but root...
It is passing the file through MD5 as part of the random number
generator seed.
--Jeff
--
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.
