Bug#5318: passwd <user> <pass> vulnerability

To: submit@bugs.debian.org
Subject: Bug#5318: passwd <user> <pass> vulnerability
From: Bill Bumgarner <bbum@friday.com>
Date: Thu, 7 Nov 1996 14:20:26 -0600 (CST)
Message-id: <199611072020.OAA10960@www.friday.com>
Reply-to: Bill Bumgarner <bbum@friday.com>, 5318@bugs.debian.org

Package: passwd
Version: 1.0-5

When invoking passwd in the three argument style;  ie-- as root, passwd <user> <passwd>, any user can issue 'ps auxw | grep passwd' and see the password in cleartext.

The real bug is not so much that the above 'hole' exists-- even with munging of the ps information, there will [won't there?] always be a small window of time in which the clear-text passwd can be had from the ps table.

The real bug is that the man page mentions nothing of this vulnerability-- it does mention that the three argument form is really useful within superuser invoked shell scripts and the like, but doesn't mention that it should *never* be invoked on a machine that may have untrusted logins.

b.bum

--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-REQUEST@lists.debian.org . Trouble? e-mail to Bruce@Pixar.com

Reply to:

Prev by Date: Re: Bug#5307: new elvis depends on xlib
Next by Date: Re: Upcoming Debian Releases [auto-post]
Previous by thread: Bug#5317: new perl has different arch directory
Next by thread: Bug#5319: xntp-doc installs copyright file in root directory
Index(es):
- Date
- Thread