zero length /etc/passwd (was Re: ulimit)
Bill Carpenter
wjc at ho5cad.ATT.COM
Sat Apr 22 19:00:03 AEST 1989
In article <100455 at sun.Eng.Sun.COM> plocher%sally at Sun.COM (John Plocher) writes:
> Kids, don't do this at home.
>[shows bug that truncates /etc/passwd]
> % ls -l /etc/passwd*
> -rw-r--r-- 1 root 0 Apr 3 10:44 /etc/passwd
> -rw-r--r-- 1 root 439 Apr 3 10:40 /etc/passwd.old
> % su
> password: xxxxxxx
> # cp /etc/passwd.old /etc/passwd
No, kidding, "don't do this"!! I was once the last user on a machine
and discovered that some clever daemon had truncated /etc/passwd. I
thought I'd do just this sort of thing. Hmmm, just how did I expect
"su" to verify that I had typed the right passwd? At least under
SysV, this was big trouble. Would BSD or SunOS have behaved differently?
"Sorry" (meaning, "grab that backup disk of the root file system").
(I tried being root on machines networked to the damaged one; none let
me get in and most asked personal questions like "Who are you?")
--
--
Bill Carpenter att!ho5cad!wjc or attmail!bill
More information about the Comp.bugs.sys5
mailing list