19.2 Monitoring File Format
Most programs that access the /etc/passwd and /etc/group files are very sensitive to problems in the formatting of those files, or to bad values. Because of the compact representation of the file, entries that are badly formatted could be hidden.
Traditionally, a number of break-ins to Unix systems have occurred when a program that was designed to write to the /etc/passwd file was given bad input. For instance, early versions of the chfn and yppasswd commands could be given input with ":" characters or too many characters. The result was a badly formatted record to write to the /etc/passwd file. Because of the way the records were written, the associated library routines that write to the file would truncate or pad the entries, and might produce an entry at the end that looked like:
::0:0:::
This type of entry would then allow a local user to become a superuser by typing:
$ su ' '
#
(The above example changes the user to the null-named account.)
Clearly, this result is undesirable.
You should check the format of both the passwd and group files on a regular basis. With many versions of Unix with System V ancestry, there are two commands on the system that will check the files for number of fields, valid fields, and other consistency factors. These two programs are pwck and grpck; they are usually found in /etc or /usr/sbin.
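On a system without pwck, a short script can catch the kinds of record described above. The following is an added example, not part of the original text and not a reimplementation of pwck. The function name check_passwd, the problem labels, and the choice of checks are assumptions of this example, and SAMPLE is constructed data whose last line is the null-named entry shown earlier.

```python
import sys

# Constructed sample in passwd format (7 colon-separated fields per record).
SAMPLE = """\
root:x:0:0:root:/root:/bin/sh
alice:x:1001:100:Alice:/home/alice:/bin/sh
bob:x:10o2:100:Bob:/home/bob:/bin/sh
carol:x:1003:100:Carol:Admin:/home/carol:/bin/sh
toor:x:0:0::/root:/bin/sh
::0:0:::
"""

def _is_number(value):
    """True only for a non-empty string of ASCII digits."""
    return value.isascii() and value.isdigit()

def check_passwd(text):
    """Return a list of (line_number, problem_label) for passwd-format text."""
    problems = []
    seen = set()
    for lineno, line in enumerate(text.splitlines(), start=1):
        fields = line.split(":")
        if len(fields) != 7:
            # Too few or too many fields, e.g. a ":" typed into the name field.
            problems.append((lineno, "field-count"))
            continue
        name, passwd, uid, gid = fields[:4]
        if name == "":
            problems.append((lineno, "empty-name"))
        elif name in seen:
            problems.append((lineno, "duplicate-name"))
        seen.add(name)
        if passwd == "":
            # An empty field means no password is required for this account.
            problems.append((lineno, "empty-password"))
        for label, value in (("uid", uid), ("gid", gid)):
            if not _is_number(value):
                problems.append((lineno, "bad-" + label))
        if _is_number(uid) and int(uid) == 0 and name != "root":
            problems.append((lineno, "uid0-not-root"))
    return problems

if __name__ == "__main__":
    # With a path argument, check that file; otherwise check the sample.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE
    for lineno, problem in check_passwd(text):
        print("line %d: %s" % (lineno, problem))
```

A legitimate second UID 0 account will also be reported as uid0-not-root; the point is that every such account is one you should be able to explain.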