Subject: security/5658: security/shadow-password penetrating bug
To: None <gnats-bugs@gnats.netbsd.org>
From: Wolfgang Rupprecht <wolfgang@wsrcc.com>
List: netbsd-bugs
Date: 06/25/1998 23:26:11
>Number:         5658
>Category:       security
>Synopsis:       shadow-password penetrating bug
>Confidential:   yes
>Severity:       critical
>Priority:       high
>Responsible:    gnats-admin (GNATS administrator)
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Thu Jun 25 23:35:01 1998
>Last-Modified:
>Originator:     Wolfgang Rupprecht
>Organization:
W S Rupprecht Computer Consulting, Fremont CA
>Release:        current may 22, 98
>Environment:
	
System: NetBSD capsicum.wsrcc.com 1.3F NetBSD 1.3F (WSRCC) #0: Mon Jun 15 10:43:51 PDT 1998 root@capsicum.wsrcc.com:/v/src/netbsd/NetBSD-current/usr/src/sys/arch/i386/compile/WSRCC i386


>Description:
	a normal user can read the shadow password file

>How-To-Repeat:
	at -f /etc/master.passwd now + 1 minute
	wait at most 11 minutes

>Fix:
	Don't open files within at(1) using root's access rights.
>Audit-Trail:
>Unformatted:
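
The fix described in this report, shown as an added C example. It is not part of the original report and is not NetBSD's at(1) code. A set-uid program switches its effective IDs to the invoking user's before opening a user-named file, so the kernel checks the invoker's permissions instead of root's. The helper name open_as_invoker is hypothetical.

```c
/* Added example: open a user-named file with the invoking user's rights
 * from inside a set-uid program. open_as_invoker() is a hypothetical
 * helper name, not a function taken from at(1). */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>

int open_as_invoker(const char *path)
{
    uid_t saved_euid = geteuid();
    gid_t saved_egid = getegid();
    int fd, saved_errno;

    /* Drop the group first: once the effective uid is unprivileged,
     * changing the effective gid may no longer be permitted. */
    if (setegid(getgid()) == -1)
        return -1;
    if (seteuid(getuid()) == -1) {
        (void)setegid(saved_egid);
        return -1;
    }

    fd = open(path, O_RDONLY);   /* permission check uses the real uid/gid */
    saved_errno = errno;

    /* Regain privilege (uid first) for later work such as writing the
     * spool file. If this fails the process state is unknown: stop. */
    if (seteuid(saved_euid) == -1 || setegid(saved_egid) == -1)
        abort();
    errno = saved_errno;
    return fd;
}

int main(int argc, char **argv)
{
    int fd;
    if (argc != 2) { fprintf(stderr, "usage: %s file\n", argv[0]); return 2; }
    fd = open_as_invoker(argv[1]);
    if (fd == -1) { perror(argv[1]); return 1; }
    printf("opened %s with the invoker's rights\n", argv[1]);
    close(fd);
    return 0;
}
```

Built set-uid root and run by an ordinary user against /etc/master.passwd, the open fails with EACCES, while files the user can already read open normally.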