Date: Wed, 21 Sep 2005 07:00:32 GMT From: Kris Kennaway <kris@obsecurity.org> To: freebsd-ports-bugs@FreeBSD.org Subject: Re: misc/85200: db write part of /etc/spwd.db in any new .db file Message-ID: <200509210700.j8L70WJv068288@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR ports/85200; it has been noted by GNATS. From: Kris Kennaway <kris@obsecurity.org> To: Den Ivanov <dsdiv@vladnet.ru> Cc: freebsd-gnats-submit@FreeBSD.org Subject: Re: misc/85200: db write part of /etc/spwd.db in any new .db file Date: Wed, 21 Sep 2005 02:59:45 -0400 --EY/WZ/HvNxOox07X Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Aug 22, 2005 at 04:48:48AM +0000, Den Ivanov wrote: >=20 > >Number: 85200 > >Category: misc > >Synopsis: db write part of /etc/spwd.db in any new .db file > >Confidential: no > >Severity: critical > >Priority: high > >Responsible: freebsd-bugs > >State: open > >Quarter: =20 > >Keywords: =20 > >Date-Required: > >Class: sw-bug > >Submitter-Id: current-users > >Arrival-Date: Mon Aug 22 04:50:13 GMT 2005 > >Closed-Date: > >Last-Modified: > >Originator: Den Ivanov > >Release: 5.4-STABLE > >Organization: > Vladnet > >Environment: > FreeBSD web2.vladnet.ru 5.4-STABLE FreeBSD 5.4-STABLE #0: Mon Jul 25 04:2= 4:03 GMT 2005 div@web2.vladnet.ru:/var/cvsup/src/STABLE_5/obj/var/cvsup= /src/STABLE_5/src/sys/WEB i386 > >Description: > with 'postmap' utility from 'postfix', any user in system may get part of= /etc/spwd.db > >How-To-Repeat: > #echo "1 2" >12 > #postmap 12 > and see 12.db > in my case, this 64kb file contain most user:passwords pairs from spwd.db This sounds like a postmap bug that should be taken up with the postfix dev= elopers instead. Kris --EY/WZ/HvNxOox07X Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (FreeBSD) iD8DBQFDMQTgWry0BWjoQKURAthuAJ0YIR6IewT5P7OZazhWM/KpPjVEuQCZAc/5 h21mwF9ngZKF4WOt2cCC6tA= =ISww -----END PGP SIGNATURE----- --EY/WZ/HvNxOox07X--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200509210700.j8L70WJv068288>