[540] in bugtraq
Re: Sun Patch Id #102060-01
daemon@ATHENA.MIT.EDU (der Mouse)
Tue Dec 20 08:34:21 1994
Date: Tue, 20 Dec 1994 06:43:42 -0500
From: der Mouse <mouse@Collatz.McRCIM.McGill.EDU>
To: bugtraq@fc.net
> [on modern SunOS,] using the -F option will get the message saying
> something like "user cannot open -F file <filename>" or something
> similar (I forget exact message).
> It refuses to work unless the user is root, or the filename is in
> /etc/pwfiles as a full pathname. If the file does not exist, only
> root can use the -F option.
Kinda sad, because passwd -F is mildly useful, and it's really really
easy to make it secure: just permanently throw away all elevated
privilege as soon as the -F is noticed on the command line. Then
proceed to run as normal.
Actually, perhaps it should be throw away all privilege if the file
given isn't in /etc/pwfiles. That gives the best of both worlds.
der Mouse
mouse@collatz.mcrcim.mcgill.edu
