SVR3 passwd changes mode of passwd file

Stephen Carroll sbc at sp7040.UUCP
Tue Oct 4 02:33:59 AEST 1988


In article <384 at levels.sait.edu.au>, ccdn at levels.sait.edu.au (DAVID NEWALL) writes:
] In article <4827 at cbmvax.UUCP>, ditto at cbmvax.UUCP (Michael "Ford" Ditto) writes:
] > The complaint here is not about security or lack thereof, it's about
] > programs undoing the system administrator's actions.
] >
] > Where should this "enforced security" end?  Should /bin/passwd also
] > chmod / to 555 mode as well?  And what about /etc/?  Should "ls"
] > remove world write permission from /dev/mem if it happens to discover
] > it?
] 
] I haven't got the sources, so I don't know for sure...  I imagine passwd
] writes a _brand new_ copy of /etc/passwd.  So it's not a case of passwd
] "happening to discover" that the mode isn't 444.  On the contrary, it's a
] case of passwd not noticing that the mode is other than 444.

According to the sources, David is correct.
Passwd creates a copy of /etc/passwd as /etc/ptmp, and makes the changes for the
new passwd there.  After the passwd has been changed and verified, passwd links
/etc/passwd to /etc/opasswd, and then unlinks /etc/passwd.  It then links
/etc/ptmp to /etc/passwd and unlinks /etc/ptmp.  It does all this with
umask set to 0333, thereby ensuring a new file with mode 444.  So it's not
really a case of not noticing that the old mode had been changed, but
really a case of not caring.  If security is really a concern at all, this
is the only way (besides setting umask to 0777 1/2 :-) in which this should work.

] -------------------------------------------------------------------------
] David Newall                                 Phone:  +61 8 343 3160
] South Australian Institute of Technology     Fax:    +61 8 349 6939
] The Levels, South Australia, 5095            E-mail: ccdn at pisa.sait.oz.AU
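
The link/unlink sequence described in the reply above, replayed in a scratch directory as an added example. This is not the SVR3 passwd source, which does not appear on this page; the scratch path, the file contents and the names write_new and rotate_demo are assumptions.

```c
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Create path exclusively, asking for 0666; the process umask trims it. */
static int write_new(const char *path, const char *text) {
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL, 0666);
    if (fd < 0) return -1;
    ssize_t n = write(fd, text, strlen(text));
    return (close(fd) == 0 && n == (ssize_t)strlen(text)) ? 0 : -1;
}

/* Replay the sequence in a scratch directory standing in for /etc.
 * admin_mode is the mode the administrator had put on passwd. Reports the
 * mode of the new passwd and of the saved opasswd. Returns 0 on success. */
int rotate_demo(mode_t admin_mode, mode_t *new_mode, mode_t *saved_mode) {
    char dir[64], pw[96], opw[96], ptmp[96];
    struct stat st_new, st_old;
    int rc = -1;

    snprintf(dir, sizeof dir, "/tmp/ptmpdemo.%ld", (long)getpid());
    if (mkdir(dir, 0700) != 0) return -1;   /* fails if the name is taken */
    snprintf(pw, sizeof pw, "%s/passwd", dir);
    snprintf(opw, sizeof opw, "%s/opasswd", dir);
    snprintf(ptmp, sizeof ptmp, "%s/ptmp", dir);

    mode_t saved_umask = umask(0);
    /* Entries below are constructed sample data, not real accounts. */
    if (write_new(pw, "demo:OLDHASH:100:100::/:/bin/sh\n") == 0 &&
        chmod(pw, admin_mode) == 0 &&                 /* admin's own choice */
        (umask(0333), write_new(ptmp, "demo:NEWHASH:100:100::/:/bin/sh\n")) == 0 &&
        link(pw, opw) == 0 && unlink(pw) == 0 &&      /* passwd -> opasswd */
        link(ptmp, pw) == 0 && unlink(ptmp) == 0 &&   /* ptmp -> passwd */
        stat(pw, &st_new) == 0 && stat(opw, &st_old) == 0) {
        *new_mode = st_new.st_mode & 0777;    /* inode created under 0333 */
        *saved_mode = st_old.st_mode & 0777;  /* old inode, admin's mode */
        rc = 0;
    }
    umask(saved_umask);
    unlink(pw); unlink(opw); unlink(ptmp); rmdir(dir);
    return rc;
}

int main(void) {
    mode_t n, o;
    if (rotate_demo(0644, &n, &o) != 0) { perror("rotate_demo"); return 1; }
    printf("new passwd %03o, opasswd %03o\n", (unsigned)n, (unsigned)o);
    return 0;
}
```

The new passwd is a different inode from the one the administrator chmod'ed, so its mode comes only from the creating open() and the umask; the administrator's mode travels with the old inode to opasswd.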


