bobk@fred.colorado.edu (Bob Kinne) (08/23/89)
What is the purpose of the following /etc/passwd entry? ::0:0::: (null login, password, and shell) Thanks.
chris@mimsy.UUCP (Chris Torek) (08/24/89)
In article <10975@boulder.Colorado.EDU> bobk@fred.colorado.edu (Bob Kinne) writes: >What is the purpose of the following /etc/passwd entry? >::0:0::: (null login, password, and shell) To let any and all {cr,h,wr,att}ackers get in to your system as root. Such password entries are created by an over-trusting `getpwent' mixed with an incautious `passwd' program and a fumble-fingered operator or super-user. -- In-Real-Life: Chris Torek, Univ of MD Comp Sci Dept (+1 301 454 7163) Domain: chris@mimsy.umd.edu Path: uunet!mimsy!chris
merlyn@iwarp.intel.com (Randal Schwartz) (08/24/89)
In article <10975@boulder.Colorado.EDU>, bobk@fred (Bob Kinne) writes: | What is the purpose of the following /etc/passwd entry? | | ::0:0::: (null login, password, and shell) | | Thanks. [do I dare say this?... ] It's so that you can login as root without knowing the root password. (Now, if you can just figure out how... hee hee.) [there, I said it...] Actually, it's the result of a bug. Some sysadmin at your site edited the password file and added some blank lines. TELL YOUR SYSADMIN to remove these lines. -- /== Randal L. Schwartz, Stonehenge Consulting Services (503)777-0095 ====\ | on contract to Intel, Hillsboro, Oregon, USA | | merlyn@iwarp.intel.com ...!uunet!iwarp.intel.com!merlyn | \== Cute Quote: "Welcome to Oregon... Home of the California Raisins!" ==/
perry@ccssrv.UUCP (Perry Hutchison) (08/24/89)
In article <10975@boulder.Colorado.EDU> bobk@fred.colorado.edu (Bob Kinne) writes: >What is the purpose of the following /etc/passwd entry? > >::0:0::: (null login, password, and shell) On SunOS, an entry just like this except for a leading + means that login should consult the YP (formerly "yellow pages", name changed due to trademark issues) for additional valid logins. This mechanism allows a local Sun network to maintain one net-wide password file instead of having to try to keep N separate files (one per system) up to date. I suspect that the cited entry serves a similar purpose on your variety of UN*X.
jrw@mtune.ATT.COM (Jim Webb) (08/24/89)
In article <571@ccssrv.UUCP>, perry@ccssrv.UUCP (Perry Hutchison) writes: > In article <10975@boulder.Colorado.EDU> bobk@fred.colorado.edu (Bob Kinne) > writes: > > >What is the purpose of the following /etc/passwd entry? > > > >::0:0::: (null login, password, and shell) > > On SunOS, an entry just like this except for a leading + means that login > should consult the YP (formerly "yellow pages", name changed due to > trademark issues) for additional valid logins. This mechanism allows a > local Sun network to maintain one net-wide password file instead of having > to try to keep N separate files (one per system) up to date. > > I suspect that the cited entry serves a similar purpose on your variety > of UN*X. This type of entry will appear (at least with SysV) if an entry in the passwd file is corrupted (too many or too few : fields, or a blank line) and then the passwd program is run. When the file is being put back together, it comes across the wierd entry and puts back the wrong thing, what you see above. Remove it right away! Why? Well, you will notice that it is user root (0), and, you could su to it (su "") without a need for a password. Not all that fun (for the admin at least :-). -- Jim Webb "Out of Phase -- Get Help" att!mtune!jrw #include <std/disclaimer.h> jrw@mtune.att.com
gwyn@smoke.BRL.MIL (Doug Gwyn) (08/25/89)
In article <10975@boulder.Colorado.EDU> bobk@fred.colorado.edu (Bob Kinne) writes: >What is the purpose of the following /etc/passwd entry? >::0:0::: (null login, password, and shell) To permit anyone at all to become super-user without having to supply a password! These entries are created as a side-effect of a deficiency in the pwd- reading library routines in Berkeley variants of UNIX, when the password file is updated and there is some malformed entry in it. You really ought to fix the library routine and then rebuild /bin/passwd etc.