[Bug 499425]
Jamie Strandboge
jamie at ubuntu.com
Fri Oct 14 20:24:52 UTC 2011
Thank you for reporting this bug to Ubuntu. dapper has reached EOL
(End of Life) and is no longer supported. As a result, this bug
against dapper is being marked "Won't Fix". Please see
https://wiki.ubuntu.com/Releases for currently supported Ubuntu
releases.
Please feel free to report any other bugs you may find.
** Tags added: hardy

** Changed in: eglibc (Ubuntu Dapper)
       Status: Triaged => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to eglibc in Ubuntu.
https://bugs.launchpad.net/bugs/499425
Title:
  getpwnam shows shadow passwords of NIS users

Status in The GNU C Library:
  Fix Released
Status in “eglibc” package in Ubuntu:
  Fix Released
Status in “eglibc” source package in Lucid:
  Fix Released
Status in “eglibc” source package in Dapper:
  Won't Fix
Status in “eglibc” source package in Hardy:
  Triaged
Status in “eglibc” source package in Intrepid:
  Invalid
Status in “eglibc” source package in Jaunty:
  Won't Fix
Status in “eglibc” source package in Karmic:
  Won't Fix
Bug description:
Hello,
I have several machines where almost all user accounts come by NIS. The NIS
server is running on a Solaris machine. As usual, the Solaris NIS server
exports the passwd data in the map "passwd" and the shadow data in the map
"passwd.adjunct.byname". These two maps are mangled together in some calls
of libc6, for example in getpwnam. This makes it possible for every user who
has an account on the NIS client machine to see the encrypted passwords of
all NIS users. This is a grave security bug.
Furthermore, getspnam returns a NULL pointer for all NIS users, even if
getspnam is called by root.
The attached patch seems to solve the problems.
It makes the following changes:
* In nis-pwd.c, do not mangle encrypted password from
passwd.adjunct.byname map into the password field
of passwd map, instead mangle an 'x' into the field
* In nis-spwd.c, look for key in passwd.adjunct.byname if shadow.byname
does not exist and add the two missing fields (passwd.adjunct.byname
has two fields less than shadow)
Maybe some people can have a look over my patch to see if I missed
anything.
Regards
Christoph
ProblemType: Bug
Architecture: amd64
Date: Tue Dec 22 13:02:29 2009
Dependencies:
  libgcc1 1:4.2.4-1ubuntu3
  gcc-4.2-base 4.2.4-1ubuntu3
  libc6 2.7-10ubuntu5
DistroRelease: Ubuntu 8.04
Package: libc6 2.7-10ubuntu5
PackageArchitecture: amd64
ProcEnviron:
  SHELL=/bin/tcsh
  PATH=/usr/local/bin:/usr/bin:/bin:/usr/bin/X11:/usr/games
  LANG=en_US.UTF-8
SourcePackage: glibc
Uname: Linux 2.6.24-24-generic x86_64
To manage notifications about this bug go to:
https://bugs.launchpad.net/glibc/+bug/499425/+subscriptions
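
A check for the exposure described in the bug report, as an added example that is not part of the original report or the attached patch: run as an unprivileged user, it walks the passwd entries NSS returns and flags any whose password field holds a hash instead of a placeholder. The function names and the list of placeholder values are assumptions of this example.

```c
#include <pwd.h>
#include <stdio.h>
#include <string.h>

/* Return 1 if a pw_passwd value looks like a crypt(3) hash rather than a
   placeholder. Placeholders treated as safe (assumption of this example):
   empty, "x", anything starting with '*' or '!', and the "##name" marker
   that points at the passwd.adjunct.byname map. */
int looks_like_hash(const char *field)
{
    static const char crypt_set[] =
        "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";

    if (field == NULL || field[0] == '\0')
        return 0;
    if (strcmp(field, "x") == 0 || field[0] == '*' || field[0] == '!')
        return 0;
    if (strncmp(field, "##", 2) == 0)
        return 0;
    if (field[0] == '$')        /* modular crypt format: $id$salt$hash */
        return strchr(field + 1, '$') != NULL;
    /* traditional DES crypt: exactly 13 characters from the crypt alphabet */
    return strlen(field) == 13 && strspn(field, crypt_set) == 13;
}

/* Walk every passwd entry NSS returns (files, NIS, ...) and count entries
   whose password field is readable as a hash by the calling user. */
int audit_passwd_entries(FILE *out)
{
    struct passwd *pw;
    int exposed = 0;

    setpwent();
    while ((pw = getpwent()) != NULL) {
        if (looks_like_hash(pw->pw_passwd)) {
            /* Report the account name only, never the hash itself. */
            fprintf(out, "hash visible in passwd entry: %s\n", pw->pw_name);
            exposed++;
        }
    }
    endpwent();
    return exposed;
}

int main(void)
{
    int n = audit_passwd_entries(stdout);
    printf("%d passwd entries expose a password hash\n", n);
    return n ? 1 : 0;
}
```

On a client with the fix described in the report, NIS accounts should show the `x` placeholder and the count should be zero.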