Page MenuHomeFreeBSD
Differential D23548

daily/200.backup-passwd periodic script not hiding the password field of certain users
ClosedPublic
Actions

Authored by sigsys_gmail.com on Feb 6 2020, 10:01 PM.
Tags
None
Referenced Files
Unknown Object (File)
Wed, Nov 5, 9:01 AM
Unknown Object (File)
Wed, Oct 29, 4:00 PM
Unknown Object (File)
Wed, Oct 29, 4:22 AM
Unknown Object (File)
Tue, Oct 28, 2:06 PM
Unknown Object (File)
Sun, Oct 26, 1:31 PM
Unknown Object (File)
Sat, Oct 25, 9:21 PM
Unknown Object (File)
Mon, Oct 20, 6:18 PM
Unknown Object (File)
Wed, Oct 15, 10:10 PM
View All Files
Subscribers
imp

Details

Reviewers
None
Group Reviewers
Contributor Reviews (src)
Commits
rS357756: backup-passwd: mask out all passwords in the diff
Summary

The (hashed) password of users with a "+" or "-" in their username is being sent in the periodic emails as-is instead of being replaced by "(password)".

If the intent was to ignore NIS entries, then it should check only the first character. But I think that this is unnecessary, NIS entries follow the same format and the second field either is a password or should be empty.

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

sigsys_gmail.com created this revision.Feb 6 2020, 10:01 PM
lwhsu added a reviewer: Contributor Reviews (src).Feb 6 2020, 10:05 PM
This revision was not accepted when it landed; it landed in state Needs Review.Feb 11 2020, 6:12 AM
Closed by commit rS357756: backup-passwd: mask out all passwords in the diff (authored by kevans). · Explain Why
This revision was automatically updated to reflect the committed changes.
kevans added a commit: rS357756: backup-passwd: mask out all passwords in the diff.
Herald added a subscriber: imp. · View Herald TranscriptFeb 11 2020, 6:12 AM

Revision Contents
Changeset List

PathSize
head/
usr.sbin/
periodic/
etc/
daily/
2 lines

Diff 68105

View Options

head/usr.sbin/periodic/etc/daily/200.backup-passwd

Loading...