public inbox for glibc-bugs@sourceware.org
From: "Christoph dot Pleger at cs dot tu-dortmund dot de" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs@sources.redhat.com
Subject: [Bug libc/11134] getpwnam shows shadow passwords of NIS users
Date: Wed, 17 Feb 2010 13:15:00 -0000
Message-ID: <20100217131527.4747.qmail@sourceware.org>
In-Reply-To: <20100105092632.11134.Christoph.Pleger@cs.tu-dortmund.de>


------- Additional Comments From Christoph dot Pleger at cs dot tu-dortmund dot de  2010-02-17 13:15 -------
Hello,

I am sorry that my patch for the NIS shadow password security
vulnerability introduced a new bug. One of my NIS users informed me
that she could not log in any more after she had used chsh to change her
login shell. The reason was that in the shadow file, the encrypted
password had been replaced by an 'x'. This happens because in my
patch, file nis-pwd.c, the string "##<username>" is replaced with "x". 

I thought that this replacement is necessary to let libc6 search for
the encrypted password in the shadow map. But now I found out that it
is not necessary and that without it everything works fine: logging in,
changing password and changing the shell.


I have attached a new patch that simply leaves the password field of the
passwd.byname map alone.

Regards
  Christoph

-- 


http://sourceware.org/bugzilla/show_bug.cgi?id=11134
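
An audit check for the two conditions this bug thread is about, added here as an example (it is not part of the original message or of the attached patch): a hash visible in a passwd map entry, and a bare 'x' left in a shadow entry after the regression described above. The function names are hypothetical and the sample lines are constructed.

```c
#include <stdio.h>
#include <string.h>

/* Classes for the second field of a passwd(5)/shadow(5) style line. */
enum pw_class { PW_MALFORMED, PW_EMPTY, PW_LOCKED, PW_PLACEHOLDER_X,
                PW_ADJUNCT_MARKER, PW_HASH };

/* Classify the password field of one "name:field:..." line. */
enum pw_class classify_pw_field(const char *line)
{
    const char *c1 = strchr(line, ':');
    if (c1 == NULL || c1 == line)
        return PW_MALFORMED;                 /* no separator or empty name */
    const char *field = c1 + 1;
    const char *c2 = strchr(field, ':');
    if (c2 == NULL)
        return PW_MALFORMED;                 /* password field not terminated */
    size_t flen = (size_t)(c2 - field);

    if (flen == 0)
        return PW_EMPTY;
    if (flen == 1 && field[0] == 'x')
        return PW_PLACEHOLDER_X;
    if (flen >= 2 && field[0] == '#' && field[1] == '#')
        return PW_ADJUNCT_MARKER;            /* "##<username>" as in the message */
    if (field[0] == '*' || field[0] == '!')
        return PW_LOCKED;
    return PW_HASH;                          /* anything else is treated as a hash */
}

/* A hash in a world-readable passwd map is the exposure the bug is about. */
int passwd_entry_exposes_hash(const char *line)
{
    return classify_pw_field(line) == PW_HASH;
}

/* A bare "x" in a shadow entry is the regression symptom: no usable hash. */
int shadow_entry_is_clobbered(const char *line)
{
    return classify_pw_field(line) == PW_PLACEHOLDER_X;
}

int main(void)
{
    /* Constructed sample lines, not taken from any real system. */
    const char *passwd_line = "alice:##alice:1001:100:Alice:/home/alice:/bin/sh";
    const char *shadow_line = "alice:x:14657:0:99999:7:::";
    printf("passwd exposes hash: %d\n", passwd_entry_exposes_hash(passwd_line));
    printf("shadow clobbered:    %d\n", shadow_entry_is_clobbered(shadow_line));
    return 0;
}
```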
