[1064] in WWW Security List Archive
Re: netscape and /etc/passwd
daemon@ATHENA.MIT.EDU (Jean-Christophe Touvet)
Fri Oct 20 18:23:59 1995
To: Michael Reuschling <reuschli@transtec.de>
Cc: www-security@ns2.rutgers.edu
In-reply-to: <199510200946.AA13467@cpu3>
Date: Fri, 20 Oct 1995 20:43:28 +0100
From: Jean-Christophe Touvet <jct@edelweb.fr>
Errors-To: owner-www-security@ns2.rutgers.edu
Hmm, netscape paranoia is growing ;-)
> I had a problem with netscape for SunOS 4.1.3 startups,
> so i traced it and figured out, that netscape reads the /etc/passwd-
> file.
>
> The trace-output was the following:
>
> [...]
> open ("/etc/passwd", 0, 0666) = 4
> ioctl (4, 0x40125401, 0xefffd514) = -1 ENOTTY (Inappropriate ioctl for device)
> fstat (4, 0xefffd588) = 0
> brk (0x349170) = 0
> read (4, "root:hNJ93kdb9E3sQ:0:1:Operator:".., 8192) = 514
> close (4) = 0
> open ("/etc/passwd", 0, 0666) = 4
> ioctl (4, 0x40125401, 0xefffd514) = -1 ENOTTY (Inappropriate ioctl for device)
> fstat (4, 0xefffd588) = 0
> read (4, "root:hNJ93kdb9E3sQ:0:1:Operator:".., 8192) = 514
> getpid () = 6561
> [...]
>
> Does anybody know, why netscape is doing this? If it would read the
> line for my uid, it would not border me, but root...
I guess it only looks at your uid. `trace' shows only a few bytes of buffer
content after the read system call. It happens that root entry is generally
the first one in /etc/passwd...
> read (4, "root:hNJ93kdb9E3sQ:0:1:Operator:".., 8192) = 514
Shows that buffer size = 8192, bytes read = 514. Probably getpwuid(getuid()).
-JCT-
