Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!ames!pasteur!ucbvax!tut.cis.ohio-state.edu!osu-cis!att!cbnewsh!ho5cad!wjc
From: wjc@ho5cad.ATT.COM (Bill Carpenter)
Newsgroups: comp.bugs.sys5
Subject: zero length /etc/passwd (was Re: ulimit)
Message-ID: <WJC.89Apr22100003@ho5cad.ho5cad.ATT.COM>
Date: 22 Apr 89 09:00:03 GMT
References: <19516@genrad.UUCP> <1319@nusdhub.UUCP> <10075@smoke.BRL.MIL> <881@cetia4.UUCP> <100455@sun.Eng.Sun.COM>
Sender: nntp@cbnewsh.ATT.COM
Organization: AT&T Bell Laboratories
Lines: 22
In-reply-to: plocher%sally@Sun.COM's message of 21 Apr 89 20:44:34 GMT

In article <100455@sun.Eng.Sun.COM> plocher%sally@Sun.COM (John Plocher) writes:
> Kids, don't do this at home.
>[shows bug that truncates /etc/passwd]
> 	% ls -l /etc/passwd*
> 	-rw-r--r--  1 root            0 Apr  3 10:44 /etc/passwd
> 	-rw-r--r--  1 root          439 Apr  3 10:40 /etc/passwd.old
> 	% su
> 	password: xxxxxxx
> 	# cp /etc/passwd.old /etc/passwd

No, kidding, "don't do this"!!  I was once the last user on a machine
and discovered that some clever daemon had truncated /etc/passwd.  I
thought I'd do just this sort of thing.  Hmmm, just how did I expect
"su" to verify that I had typed the right passwd?  At least under
SysV, this was big trouble.  Would BSD or SunOS have behaved differently?

"Sorry" (meaning, "grab that backup disk of the root file system").
(I tried being root on machines networked to the damaged one; none let
me get in and most asked personal questions like "Who are you?")
--
--
   Bill Carpenter         att!ho5cad!wjc  or  attmail!bill