[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Shadow Passwords

Ian Jackson <ian@chiark.chu.cam.ac.uk> writes:

>Certainly before this hole is fixed a system with a shadow `login'
>is/was definitely much more vulnerable than one without shadow
>passwords at all.

Actually, this has yet to be proven. No exploit script has been posted
to show that login is vulnerable. The shadow login program does an
isgraph() on all the characters entered, so, assuming there's no bugs in
linux's isgraph, it would be a fair trick to create executable code
from just the set of printable ascii characters. That would mean that
the worst you could expect is for login to dump core.

If people issued a security alert for every piece of code running on
linuux that didn't do bounds checking on input the security list would
be unusable.

John Henders

Reply to: