Date: Fri, 16 Aug 2002 14:18:25 -0700 (PDT)
From: Branson Matheson <branson@windborne.net>
To: freebsd-gnats-submit@FreeBSD.org
Subject: bin/41721: pw_mkdb creates uid 0 accounts for improper UID
Message-ID: <200208162118.g7GLIPEm065417@www.freebsd.org>

>Number:         41721
>Category:       bin
>Synopsis:       pw_mkdb creates uid 0 accounts for improper UID
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    freebsd-bugs
>State:          open
>Quarter:
>Keywords:
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Fri Aug 16 14:20:01 PDT 2002
>Closed-Date:
>Last-Modified:
>Originator:     Branson Matheson
>Release:        4.6-STABLE
>Organization:   Windborne Productions, Inc
>Environment:
FreeBSD jane.inside 4.6-STABLE FreeBSD 4.6-STABLE #2: Tue Aug 6 13:41:03 EDT 2002 branson@jane.inside:/usr/obj/usr/src/sys/JANE i386

>Description:
When using vipw to create an account, if a letter is in the third field of the temporary password file (the UID field), when vipw exits and mk_pwdb runs against the resulting temporary file, the account is given uid 0. The same happens for the GID field.

>How-To-Repeat:
run vipw, add the following line:

test:*:i123:20::0:0:Test User:/home/test:/sbin/nologin

exit

root@jane # grep test /etc/passwd
test:*:0:20:Test User:/home/test:/sbin/nologin

>Fix:
mk_pwdb needs to validate the format of the UID and GID fields and throw an exception if the field contains any /D type characters.

>Release-Note:
>Audit-Trail:
>Unformatted:
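
The validation requested in the report's Fix section, as an added example that is not part of the original report and is not FreeBSD's code. The function names are hypothetical, and the use of atol() to reproduce the reported "letter becomes 0" symptom is an assumption about the lenient conversion, not a statement of how the tool is implemented.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumed lenient conversion: text not starting with a digit becomes 0. */
long lenient_id(const char *s) { return atol(s); }

/* Strict conversion of a field of `len` bytes: decimal digits only, no sign,
 * no empty field, value fits in 32 bits. Returns 0 and stores the id, or -1. */
int strict_id(const char *s, size_t len, unsigned long *out)
{
    unsigned long long v = 0;
    if (len == 0 || len > 10)               /* 10 digits cannot overflow v */
        return -1;
    for (size_t i = 0; i < len; i++) {
        if (!isdigit((unsigned char)s[i]))
            return -1;
        v = v * 10 + (unsigned long long)(s[i] - '0');
    }
    if (v > 0xFFFFFFFFULL)
        return -1;
    *out = (unsigned long)v;
    return 0;
}

/* Validate the UID (3rd) and GID (4th) fields of one master.passwd line.
 * Returns 0 if both are valid, 3 or 4 for the first bad field, -1 if the
 * line ends before the GID field. Empty fields are counted, not skipped. */
int check_passwd_line(const char *line)
{
    unsigned long id;
    for (int n = 1; n <= 4; n++) {
        size_t len = strcspn(line, ":\n");
        if (n >= 3 && strict_id(line, len, &id) != 0)
            return n;
        if (n == 4)
            break;
        if (line[len] != ':')
            return -1;
        line += len + 1;
    }
    return 0;
}

int main(void)
{
    /* Sample input: the line from the report's How-To-Repeat section. */
    const char *bad = "test:*:i123:20::0:0:Test User:/home/test:/sbin/nologin";
    printf("lenient uid=%ld strict=%d\n", lenient_id("i123"), check_passwd_line(bad));
    return 0;
}
```

A caller would reject the edited file and leave the existing database untouched whenever check_passwd_line() returns non-zero for any line.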