bobk@fred.colorado.edu (Bob Kinne) (08/26/89)
Thanks to the many people who responded to my request for information about the /etc/passwd entry ::0:0::: This is a large security hole, allowing anyone on the machine to become root. In BSD 4.2 (at least), a blank line or corrupted entry in the /etc/passwd file can be changed to such an entry by such programs as passwd, yppasswd, chsh, chfn. This problem exists in ULTRIX 3.0, which we run. I don't know if it has been corrected in 3.1, or what other flavors of UNIX it exists in. My main concern was to find out how this entry could have gotten into a /etc/passwd file. Since this was apparently due to a security hole in ULTRIX, I do not suspect any deliberate attempt to attack the system. Thanks for your help. Bob Kinne Optoelectronics Computing Center UCB, Campus Box 525 VOICE (303) 492-3330 Boulder, CO 80309 INTERNET bobk@boulder.Colorado.EDU