passwd.org_dir visible to nobody

Original query attached below.

passwd.org_dir had read permission for group nobody set. "nischmod n-r
passwd.org_dir" removed read permission for group nobody.

A correspondent noted that the shadow column of the passwd table was
unreadable by everyone ... and that owner should have read rights to it.
This may explain some of the difficulties we've been having changing our
passwords.

"nistbladm -u -t passwd_tbl shadow=o+r passwd.org_dir" adds read
permission for owner to the shadow column of the passwd table.

Thanks to:

Casper Dik <casper@holland.Sun.COM>
David Montgomery <david@cs.newcastle.edu.au>
Kevin Davidson <tkld@cogsci.ed.ac.uk>

--sk
Stuart Kendrick
Network Services
FHCRC

Original query:

I've noticed that unauthenticated users can see the passwd field in the
NIS+ passwd.org_dir table.

This isn't right. They ought to see "*NP*".

niscat -o passwd.org_dir shows that the passwd field has no permissions
for group nobody, e.g. an unauthenticated user should not be able to see
this column.

Attached is niscat and nisls output.

Insights?

--sk
Stuart Kendrick
Network Services
FHCRC

snap% nisls -l passwd.org_dir
T r---rmcdrmcdr--- bug1.fhcrc.org. Fri Feb 28 12:16:05 1997 passwd.org_dir.fhcrc.org.

snap% niscat -o passwd.org_dir
Object Name : passwd
Directory : org_dir.fhcrc.org.
Owner : bug1.fhcrc.org.
Group : admin.fhcrc.org.
Access Rights : r---rmcdrmcdr---
Time to Live : 12:0:0
Creation Time : Fri Feb 28 12:16:05 1997
Mod. Time : Tue Mar 18 12:07:12 1997
Object Type : TABLE
Table Type : passwd_tbl
Number of Columns : 8
Character Separator : :
Search Path :
Columns :
        [0] Name : name
                Attributes : (SEARCHABLE, TEXTUAL DATA, CASE SENSITIVE)
                Access Rights : r---r---r---r---
        [1] Name : passwd
                Attributes : (TEXTUAL DATA)
                Access Rights : ----rm--r---r---
        [2] Name : uid
                Attributes : (SEARCHABLE, TEXTUAL DATA, CASE SENSITIVE)
                Access Rights : r---r---r---r---
        [3] Name : gid
                Attributes : (TEXTUAL DATA)
                Access Rights : r---r---r---r---
        [4] Name : gcos
                Attributes : (TEXTUAL DATA)
                Access Rights : r---rmcdrmcdr---
        [5] Name : home
                Attributes : (TEXTUAL DATA)
                Access Rights : r---rmcdrmcdr---
        [6] Name : shell
                Attributes : (TEXTUAL DATA)
                Access Rights : r---rmcdrmcdr---
        [7] Name : shadow
                Attributes : (TEXTUAL DATA)
                Access Rights : ----------------

Responses:

The passwd.org_dir permissions are examined before the field attributes,
so now you have read for world.

The shadow field needs read permissions for the owner or the user won't
be able to see their own passwords.

Casper

I think the read permission for nobody on the table overrides the column
permission.

        David.
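As an added illustration (not code from the thread, and not Sun's NIS+ implementation), the Python below models the rule Casper and David describe: the table's rights are examined first, and a column's rights can only widen what the table grants, never narrow it. It parses the 16-character rights strings (nobody, owner, group, world; r/m/c/d each), applies nischmod-style changes such as the "n-r" and "shadow=o+r" used in the summary, and renders an entry the way niscat would, with *NP* in any column the principal cannot read. It goes one step beyond the thread by evaluating an authenticated user as well as an unauthenticated one; for that it assumes that the table object's owner and group (bug1.fhcrc.org. and admin.fhcrc.org. in the listing above) are not the same principals as an entry's owner, which is taken to be the user the entry describes, so an ordinary user is "world" relative to the table but "owner" of his own entry. The column rights are copied from the niscat -o listing in the thread; the sample entry is constructed, and all function names are the example's own.

```python
"""Model of how NIS+ table-level and column-level access rights combine.

A rights string is 16 characters: four groups of four in the order nobody,
owner, group, world; within a group r, m, c, d mean read, modify, create,
destroy and '-' means the right is not granted.  Evaluation rule assumed
here (as stated in the thread): table rights are examined first, column
rights can only add access.  Entry owner is assumed to be the user.
"""

CLASSES = ("nobody", "owner", "group", "world")
CLASS_LETTERS = {"n": "nobody", "o": "owner", "g": "group", "w": "world"}
RIGHTS = "rmcd"


def parse_rights(spec: str) -> dict:
    """Map 'r---rmcdrmcdr---' to {'nobody': {'r'}, 'owner': {'r','m','c','d'}, ...}."""
    if len(spec) != 16:
        raise ValueError(f"rights string must be 16 characters: {spec!r}")
    rights = {}
    for idx, cls in enumerate(CLASSES):
        group = spec[idx * 4:idx * 4 + 4]
        granted = set()
        for pos, right in enumerate(RIGHTS):
            if group[pos] == right:
                granted.add(right)
            elif group[pos] != "-":
                raise ValueError(f"unexpected {group[pos]!r} in {spec!r}")
        rights[cls] = granted
    return rights


def format_rights(rights: dict) -> str:
    """Inverse of parse_rights."""
    return "".join("".join(r if r in rights[cls] else "-" for r in RIGHTS)
                   for cls in CLASSES)


def apply_nischmod(spec: str, change: str) -> str:
    """Apply nischmod-style clauses (who / op / rights) such as 'n-r', 'o+r',
    'w=r' or 'nw-rm', comma-separated; 'a' selects all four classes."""
    rights = parse_rights(spec)
    for clause in change.split(","):
        rest, who = clause, ""
        while rest and rest[0] in "nogwa":
            who, rest = who + rest[0], rest[1:]
        if not who or not rest or rest[0] not in "+-=":
            raise ValueError(f"bad nischmod clause {clause!r}")
        op, what = rest[0], set(rest[1:])
        if not what <= set(RIGHTS):
            raise ValueError(f"bad rights in clause {clause!r}")
        targets = CLASSES if "a" in who else [CLASS_LETTERS[c] for c in who]
        for cls in targets:
            if op == "+":
                rights[cls] |= what
            elif op == "-":
                rights[cls] -= what
            else:
                rights[cls] = set(what)
    return format_rights(rights)


def can_read_column(table_rights, column_rights, table_class, entry_class):
    """Table rights first (class relative to the table object), then column
    rights (class relative to the entry); either read right is enough."""
    return ("r" in parse_rights(table_rights)[table_class]
            or "r" in parse_rights(column_rights)[entry_class])


def readable_columns(table_rights, columns, table_class, entry_class):
    """Column names, in table order, that the principal can read."""
    return [name for name, col in columns.items()
            if can_read_column(table_rights, col, table_class, entry_class)]


def render_entry(table_rights, columns, entry, table_class, entry_class):
    """Show an entry as niscat does: '*NP*' stands in for unreadable columns."""
    return ":".join(entry[name] if can_read_column(table_rights, col, table_class, entry_class)
                    else "*NP*" for name, col in columns.items())


# Column rights copied from the niscat -o listing in the thread.
PASSWD_COLUMNS = {
    "name":   "r---r---r---r---",
    "passwd": "----rm--r---r---",
    "uid":    "r---r---r---r---",
    "gid":    "r---r---r---r---",
    "gcos":   "r---rmcdrmcdr---",
    "home":   "r---rmcdrmcdr---",
    "shell":  "r---rmcdrmcdr---",
    "shadow": "----------------",
}
TABLE_BEFORE = "r---rmcdrmcdr---"   # table rights from the nisls -l output

# Constructed sample entry; no real account data.
SAMPLE_ENTRY = {"name": "sk", "passwd": "xxEXAMPLEHASHxx", "uid": "1001", "gid": "100",
                "gcos": "Sample User", "home": "/home/sk", "shell": "/bin/sh",
                "shadow": "9900:0:99999:7:::"}

if __name__ == "__main__":
    table_fixed = apply_nischmod(TABLE_BEFORE, "n-r")          # nischmod n-r passwd.org_dir
    cols_fixed = dict(PASSWD_COLUMNS,                          # nistbladm -u shadow=o+r ...
                      shadow=apply_nischmod(PASSWD_COLUMNS["shadow"], "o+r"))
    table_no_world = apply_nischmod(table_fixed, "w-r")        # the further step Casper's reply implies
    for label, tbl, cols, tcls, ecls in [
        ("unauthenticated, before n-r", TABLE_BEFORE, PASSWD_COLUMNS, "nobody", "nobody"),
        ("unauthenticated, after n-r", table_fixed, PASSWD_COLUMNS, "nobody", "nobody"),
        ("user, own entry, table still world-readable", table_fixed, cols_fixed, "world", "owner"),
        ("user, own entry, after w-r as well", table_no_world, cols_fixed, "world", "owner"),
        ("user, another user's entry, after w-r", table_no_world, cols_fixed, "world", "world"),
    ]:
        print(f"{label}: {render_entry(tbl, cols, SAMPLE_ENTRY, tcls, ecls)}")
```

Run as a script it prints the five cases. The one worth a second look is the third: under the modelled rule, as long as the table itself still grants world read (the r in the last group of ----rmcdrmcdr---), the shadow=o+r change makes no difference to what an authenticated user can read, which is what Casper's "now you have read for world" points at; only once the table stops granting read do the per-column rights, including the owner read on shadow, decide what each user sees.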

Just a thought, but do you run NIS+ with YP/NIS compatibility? Or
are you still running rpc.nisd with ``-S 0'' from testing/installing
NIS+? In either of these cases NIS+ will be running without
authentication.

If you need YP/NIS compatibility, then you cannot block access to the
password field. NIS has no support for shadow passwords. If you have
no NIS clients, then make sure you're not using the -Y flag to rpc.nisd.

--
|Kevin.Davidson@edinburgh.ac.uk +-+ Centre for Cognitive Science/HCRC,
