[9630] in bugtraq
snap utility for AIX.
daemon@ATHENA.MIT.EDU (Larry W. Cashdollar)
Thu Feb 18 14:53:48 1999
Date: Wed, 17 Feb 1999 10:17:08 -0500
Reply-To: "Larry W. Cashdollar" <lwcashd@TROUT.BIW.COM>
From: "Larry W. Cashdollar" <lwcashd@TROUT.BIW.COM>
To: BUGTRAQ@NETSPACE.ORG
My friend actually brought this to my attention, the snap command is a diagnostic utlitiy for gathering system information on AIX platforms.
It can only be executed by root, but it copies various system files into
/tmp/ibmsupt/
under /tmp/ibmsupt/general/ you will find the passwd file with cyphertext. The
danger here is if a system administrator executes snap -a as sometimes requested
by IBM support while diagnosing a problem it defeats password shadowing. I
would think that snap would create the directory 700 root:root.
-- Larry
