Page MenuHomeFreeBSD
Differential D23548

daily/200.backup-passwd periodic script not hiding the password field of certain users
ClosedPublic
Actions

Authored by sigsys_gmail.com on Feb 6 2020, 10:01 PM.
Tags
None
Referenced Files
Unknown Object (File)
Mar 22 2024, 10:25 AM
Unknown Object (File)
Mar 8 2024, 8:01 PM
Unknown Object (File)
Mar 8 2024, 8:01 PM
Unknown Object (File)
Mar 8 2024, 7:49 PM
Unknown Object (File)
Feb 6 2024, 2:13 PM
Unknown Object (File)
Dec 23 2023, 10:18 AM
Unknown Object (File)
Dec 20 2023, 7:19 AM
Unknown Object (File)
Dec 13 2023, 6:14 AM
View All 32 Files
Subscribers
imp

Details

Reviewers
None
Group Reviewers
Contributor Reviews (src)
Commits
rS357756: backup-passwd: mask out all passwords in the diff
Summary

The (hashed) password of users with a "+" or "-" in their username is being sent in the periodic emails as-is instead of being replaced by "(password)".

If the intent was to ignore NIS entries, then it should check only the first character. But I think that this is unnecessary, NIS entries follow the same format and the second field either is a password or should be empty.

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

sigsys_gmail.com created this revision.Feb 6 2020, 10:01 PM
lwhsu added a reviewer: Contributor Reviews (src).Feb 6 2020, 10:05 PM
This revision was not accepted when it landed; it landed in state Needs Review.Feb 11 2020, 6:12 AM
Closed by commit rS357756: backup-passwd: mask out all passwords in the diff (authored by kevans). · Explain Why
This revision was automatically updated to reflect the committed changes.
kevans added a commit: rS357756: backup-passwd: mask out all passwords in the diff.
Herald added a subscriber: imp. · View Herald TranscriptFeb 11 2020, 6:12 AM

Revision Contents
Changeset List

PathSize
head/
usr.sbin/
periodic/
etc/
daily/
2 lines

Diff 68105

View Options

head/usr.sbin/periodic/etc/daily/200.backup-passwd

Loading...