[1062] in WWW Security List Archive
Re: netscape and /etc/passwd
daemon@ATHENA.MIT.EDU (Philip Kizer)
Fri Oct 20 13:18:37 1995
From: pckizer@tamu.edu (Philip Kizer)
To: Michael Reuschling <reuschli@transtec.de>
cc: www-security@ns2.rutgers.edu
Reply-To: pckizer@tamu.edu
In-reply-to: Your message of "Fri, 20 Oct 1995 10:46:03 BST."
<199510200946.AA13467@cpu3>
Date: Fri, 20 Oct 1995 09:28:47 -0500
Errors-To: owner-www-security@ns2.rutgers.edu
Michael Reuschling <reuschli@transtec.de> wrote:
>I had a problem with netscape for SunOS 4.1.3 startups,
>so i traced it and figured out, that netscape reads the /etc/passwd-
>file.
>The trace-output was the following:
>[...]
>read (4, "root:hNJ93kdb9E3sQ:0:1:Operator:".., 8192) = 514
^^^^
>Does anybody know, why netscape is doing this? If it would read the
>line for my uid, it would not border me, but root...
This looks like typical behavior for getpwxxx system calls. When you call
getpwuid(getuid()), the getpwuid reads into a big buffer, and parses it
from there; then reads more when it's finished checking all of what it read
in.
You saw root merely because the trace program you used will only show you
the first 32 characters unless you give it an option to show the whole
buffer, and getpwuid has to scan through the whole password file until it
gets to your entry. That's why it looked like it was looking up root's
information, it was merely "on the way" to finding yours.
-philip
____________________________________________________________ Philip Kizer ___
Texas A&M CIS Operating Systems Group, Unix ( 409.862.4120 ) pckizer@tamu.edu
"Relying on the government to protect your privacy is like asking a peeping
tom to install your window blinds." -John Perry Barlow, EFF co-founder
