Mailing Lists: Apple Mailing Lists


security issue with lookupd and others



I see that any puny user can do (amongst other equivalent things)

lookupd -q user -a name someadminuser

and get the encrypted password for someadminuser.

Forgive my ignorance and for somehow discovering hot water, but what's the point of protecting /etc/master.passwd and then letting any user get the passwords anyway?

This is not only a problem with Darwin as getpwnam can do the same in any system afaik.

Clearly the problem, if this is one, is not just with lookupd executability, because: has lookupd any chance of detecting the uid of the process querying it (via UNIX and IP sockets)? I guess not.
The same goes for NetInfo and all its utilities.


Giuliano
--
H U M P H
|| |||
software

Java & C++ Server/Client/Human Interface applications on MacOS - MacOS X
http://www.humph.com/
_______________________________________________
darwin-development mailing list | email@hidden
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/darwin-development
Do not post admin requests to the list. They will be ignored.


