[18212] in Athena Bugs
sgi, sun 8.4.10 /etc/group and xss
daemon@ATHENA.MIT.EDU (Camilla R Fox)
Tue Aug 29 20:27:35 2000
Message-Id: <200008300027.UAA81020@oliver.mit.edu>
To: bugs@MIT.EDU
Date: Tue, 29 Aug 2000 20:27:30 -0400
From: Camilla R Fox <cfox@MIT.EDU>
(I don't think this is an xss bug, but people notice when using xss.)
I've seen it twice today, and once from an olc user, and had another
report when I mentioned it in sipb.
The symptom is that xss complains about no finding group 101 (I'm sure
it's easy to reproduce the exact message, but it doesn't seem
relevant). When you look at /etc/group, while the user is logged in,
it looks just like the one that's on the srvd, that is, none of the
user-specific groups are there.
I have anectdotal evidence to suggest that it only happens when the
victim logs in very soon after someone logged out of that machine.
Certainly, the case I saw just now I had just crashed him out of a
frozen login with the SGI grip of death.
Is there anything I should get from the workstation, next time?
-Camilla
