From owner-freebsd-bugs  Wed Jul  8 13:00:08 1998
Return-Path: <owner-freebsd-bugs@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id NAA20433
          for freebsd-bugs-outgoing; Wed, 8 Jul 1998 13:00:08 -0700 (PDT)
          (envelope-from owner-freebsd-bugs@FreeBSD.ORG)
Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id NAA20379
          for <freebsd-bugs@FreeBSD.org>; Wed, 8 Jul 1998 13:00:05 -0700 (PDT)
          (envelope-from gnats@FreeBSD.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.8.8/8.8.5) id NAA17240;
	Wed, 8 Jul 1998 13:00:02 -0700 (PDT)
Received: from indigo.ie (nsmart@ts01-54.waterford.indigo.ie [194.125.139.117])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id MAA19271
          for <FreeBSD-gnats-submit@freebsd.org>; Wed, 8 Jul 1998 12:52:32 -0700 (PDT)
          (envelope-from nsmart@indigo.ie)
Received: (from nsmart@localhost)
	by indigo.ie (8.8.8/8.8.7) id UAA01556;
	Wed, 8 Jul 1998 20:48:12 +0100 (IST)
	(envelope-from nsmart)
Message-Id: <199807081948.UAA01556@indigo.ie>
Date: Wed, 8 Jul 1998 20:48:12 +0100 (IST)
From: rotel@indigo.ie
Reply-To: rotel@indigo.ie
To: FreeBSD-gnats-submit@FreeBSD.ORG
X-Send-Pr-Version: 3.2
Subject: bin/7218: /etc/security does not detect uid 0 correctly
Sender: owner-freebsd-bugs@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org


>Number:         7218
>Category:       bin
>Synopsis:       /etc/security does not detect uid 0 correctly
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    freebsd-bugs
>State:          open
>Quarter:
>Keywords:
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed Jul  8 13:00:01 PDT 1998
>Last-Modified:
>Originator:     Niall Smart
>Organization:
>Release:        FreeBSD 2.2.6-STABLE i386
>Environment:

>Description:

Michal Listos <mcl@Amnesiac.123.org> originally submitted this.

The /etc/security script does not detect uid's of zero correctly
because it uses a string mode comparison thus new root users with
the uid specified as "00" will not be detected.  Doh.

OpenBSD's /etc/security looks very complete if anyone fancies
merging some of their good ideas.

>How-To-Repeat:

>Fix:

*** security~    Sat Jun 27 12:13:59 1998
--- security       Wed Jul  8 20:38:28 1998
***************
*** 52,54 ****
  echo "checking for uids of 0:"
! awk 'BEGIN {FS=":"} $3=="0" {print $1,$3}' /etc/master.passwd
  
--- 52,54 ----
  echo "checking for uids of 0:"
! awk -F: '$3 == 0 {print $1,$3}' /etc/master.passwd


>Audit-Trail:
>Unformatted:

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message