[1063] in WWW Security List Archive
Re: netscape and /etc/passwd
daemon@ATHENA.MIT.EDU (Donald E. Eastlake 3rd)
Fri Oct 20 17:08:45 1995
Date: Fri, 20 Oct 1995 13:48:27 -0400 (EDT)
From: "Donald E. Eastlake 3rd" <dee@cybercash.com>
To: Michael Reuschling <reuschli@transtec.de>
Cc: www-security@ns2.rutgers.edu
In-Reply-To: <199510200946.AA13467@cpu3>
Errors-To: owner-www-security@ns2.rutgers.edu
Probably more fodder for its random number generator...
On Fri, 20 Oct 1995, Michael Reuschling wrote:
> I had a problem with netscape for SunOS 4.1.3 startups,
> so i traced it and figured out, that netscape reads the /etc/passwd-
> file.
>
> The trace-output was the following:
>
> [...]
> open ("/etc/passwd", 0, 0666) = 4
> ioctl (4, 0x40125401, 0xefffd514) = -1 ENOTTY (Inappropriate ioctl for device)
> fstat (4, 0xefffd588) = 0
> brk (0x349170) = 0
> read (4, "root:hNJ93kdb9E3sQ:0:1:Operator:".., 8192) = 514
> close (4) = 0
> open ("/etc/passwd", 0, 0666) = 4
> ioctl (4, 0x40125401, 0xefffd514) = -1 ENOTTY (Inappropriate ioctl for device)
> fstat (4, 0xefffd588) = 0
> read (4, "root:hNJ93kdb9E3sQ:0:1:Operator:".., 8192) = 514
> getpid () = 6561
> [...]
>
> Does anybody know, why netscape is doing this? If it would read the
> line for my uid, it would not border me, but root...
>
> Best regards,
>
> Michael
>
> ---------------------------------------------------------
> | Michael Reuschling Phone: +49-7071-703-180 |
> | transtec AG Tuebingen Fax: +49-7071-703-139 |
> | Waldhoernlestr. 18 Email: reuschli@transtec.de |
> | 72072 Tuebingen/Germany |
> ---------------------------------------------------------
>
=====================================================================
Donald E. Eastlake 3rd +1 508-287-4877(tel) dee@cybercash.com
318 Acton Street +1 508-371-7148(fax) dee@world.std.com
Carlisle, MA 01741 USA +1 703-620-4200(main office, Reston, VA)
