pwd_mkdb copies comments from /etc/master.passwd to /etc/passwd. Since /etc/passwd is world readable this could reveal encrypted, although currently not active, passwords from entries that have been commented out for some reason. Fix: A solution would be to not copy comments to /etc/passwd: How-To-Repeat: Add a user with password to /etc/master.passwd. vipw and comment out the entry by adding a # in front of it. As normal user: grep '#' /etc/passwd The result looks something like this: # $FreeBSD: src/etc/master.passwd,v 1.40 2005/06/06 20:19:56 brooks Exp $ # #bla:$1$p6BO4g61$1nBDxyYFx4veLK9TAXYM8/:998:0:md5:0:0::/var/empty:/bin/sh
For bugs matching the following criteria: Status: In Progress Changed: (is less than) 2014-06-01 Reset to default assignee and clear in-progress tags. Mail being skipped
MARKED AS SPAM
Still relevant, patch still applicable. Needs to be determined what the desired behaviour is.
(In reply to Ceri Davies from comment #3) The proposed change was reasonable. I'll give this a shot soon.
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=0deb25bd9d6d2cdd4aa22f0e2754161e35f3785c commit 0deb25bd9d6d2cdd4aa22f0e2754161e35f3785c Author: Andre Albsmeier <Andre.Albsmeier@siemens.com> AuthorDate: 2010-03-11 10:53:47 +0000 Commit: Xin LI <delphij@FreeBSD.org> CommitDate: 2023-01-05 06:18:09 +0000 pwd_mkdb(8): Don't copy comments from /etc/master.passwd to /etc/passwd. The intention of /etc/passwd was to support legacy applications that are not yet converted to use modern API like getpwent(3). Comments are not defined in the legacy format, so copying them could break these applications. Plus, it could leak sensitive information (e.g. encrypted form of password of an user that was commented out instead of deleted or disabled). PR: bin/144652 MFC after: 1 month usr.sbin/pwd_mkdb/pwd_mkdb.c | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-)
A commit in branch stable/13 references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=3e955733117d1068acbcc19d7113ab5c7ccef2c9 commit 3e955733117d1068acbcc19d7113ab5c7ccef2c9 Author: Andre Albsmeier <Andre.Albsmeier@siemens.com> AuthorDate: 2010-03-11 10:53:47 +0000 Commit: Xin LI <delphij@FreeBSD.org> CommitDate: 2023-02-04 00:25:54 +0000 pwd_mkdb(8): Don't copy comments from /etc/master.passwd to /etc/passwd. The intention of /etc/passwd was to support legacy applications that are not yet converted to use modern API like getpwent(3). Comments are not defined in the legacy format, so copying them could break these applications. Plus, it could leak sensitive information (e.g. encrypted form of password of an user that was commented out instead of deleted or disabled). PR: bin/144652 (cherry picked from commit 0deb25bd9d6d2cdd4aa22f0e2754161e35f3785c) usr.sbin/pwd_mkdb/pwd_mkdb.c | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-)
A commit in branch stable/12 references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=b96684daa837462342093344a144e0ee636a9e22 commit b96684daa837462342093344a144e0ee636a9e22 Author: Andre Albsmeier <Andre.Albsmeier@siemens.com> AuthorDate: 2010-03-11 10:53:47 +0000 Commit: Xin LI <delphij@FreeBSD.org> CommitDate: 2023-02-04 00:27:55 +0000 pwd_mkdb(8): Don't copy comments from /etc/master.passwd to /etc/passwd. The intention of /etc/passwd was to support legacy applications that are not yet converted to use modern API like getpwent(3). Comments are not defined in the legacy format, so copying them could break these applications. Plus, it could leak sensitive information (e.g. encrypted form of password of an user that was commented out instead of deleted or disabled). PR: bin/144652 (cherry picked from commit 0deb25bd9d6d2cdd4aa22f0e2754161e35f3785c) usr.sbin/pwd_mkdb/pwd_mkdb.c | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-)