Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!watmath!clyde!cbosgd!gatech!seismo!brl-smoke!gwyn
From: gwyn@brl-smoke.ARPA (Doug Gwyn )
Newsgroups: net.bugs.usg,net.bugs.4bsd
Subject: Re: /etc/passwd grungies
Message-ID: <765@brl-smoke.ARPA>
Date: Sun, 9-Feb-86 05:23:27 EST
Article-I.D.: brl-smok.765
Posted: Sun Feb  9 05:23:27 1986
Date-Received: Tue, 11-Feb-86 06:34:57 EST
References: <3039@mnetor.UUCP>
Reply-To: gwyn@brl.ARPA
Organization: /usr/local/lib/news/organization
Lines: 16
Xref: watmath net.bugs.usg:442 net.bugs.4bsd:1959

> BEWARE: In /etc/passwd blank or otherwise badly formatted lines can
> cause *extremely* anomalous behaviour.

This is an understatement.  Any time a line of /etc/passwd
is edited so that it contains the wrong number of fields,
subsequent updating (e.g., by the "passwd" command) can
produce one or more lines in /etc/passwd of the form
	::0:0:::
which has the interesting consequence that one can "log in"
using a null username, not have to give a password, and end
up as superuser.

This problem was fixed in the /etc/passwd-reading library
routines in UNIX System V, but not in 4.2BSD.

I have seen this problem occur several times.