Xref: utzoo comp.unix.questions:9628 comp.bugs.sys5:610
Path: utzoo!utgpu!water!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!mailrus!ames!pasteur!ucbvax!decwrl!nsc!taux01!taux02!amos
From: amos@taux02.UUCP (Amos Shapir)
Newsgroups: comp.unix.questions,comp.bugs.sys5
Subject: Re: Dangers of vi & passwd (Was Re: SVR3 passwd changes mode of passwd file)
Message-ID: <195@taux02.UUCP>
Date: 8 Oct 88 15:05:45 GMT
References: <3394@dunkshot.mips.COM> <1235@cbnews.ATT.COM> <426@fciva.FRANKLIN.COM> <472@stiatl.UUCP> <5687@killer.DALLAS.TX.US> <13215@hqda-ai.ARPA>
Organization: National Semiconductor (IC) Ltd, Israel Home of the 32532
Lines: 25
Hdate: 27 Tishrey 5749

In article <13215@hqda-ai.ARPA> jay@hqda-ai.ARPA (Jay Heiser) writes:
>CCI, our SysV vender, has just posted a bulletin warning that vi has
>an undocumented feature.  "[it was] designed to look for the
>occurrence of a line that starts with the string "ei:" and use the
>characters following the ei: as editor commands.  This is NOT
>documented."
>
>In other words, if someone on your system has a userid 'ei',
>unexpected things will happen if you use vi to edit the password file.
>The bulletin only warns about SysV versions of vi (specifically on
>tahoes and Power 5/32s).

It's only on sysV's version because I personally changed it on the BSD4.2
version; I have found out about it exactly as you describe - by editing
the passwd file!  As bugs usually do, it has just crept back when the
original sources from AT&T were used for the sysV port.

All that's needed to trigger it is a line containing 'ex:', 'vi:', 'ei:'
or 'vx:' in the first or last 4 lines.

-- 
	Amos Shapir				amos@nsc.com
National Semiconductor (Israel) P.O.B. 3007, Herzlia 46104, Israel
Tel. +972 52 522261  TWX: 33691, fax: +972-52-558322
34 48 E / 32 10 N			(My other cpu is a NS32532)