Page MenuHomeFreeBSD
Differential D23548

daily/200.backup-passwd periodic script not hiding the password field of certain users
ClosedPublic
Actions

Authored by sigsys_gmail.com on Feb 6 2020, 10:01 PM.
Tags
None
Referenced Files
Unknown Object (File)
Thu, May 14, 10:40 PM
Unknown Object (File)
Fri, May 8, 10:05 AM
Unknown Object (File)
Mon, May 4, 2:45 PM
Unknown Object (File)
Thu, Apr 30, 1:01 PM
Unknown Object (File)
Tue, Apr 21, 10:44 AM
Unknown Object (File)
Mon, Apr 20, 6:27 AM
Unknown Object (File)
Sun, Apr 19, 3:10 AM
Unknown Object (File)
Sat, Apr 18, 5:58 AM
View All Files
Subscribers
imp

Details

Reviewers
None
Group Reviewers
Contributor Reviews (src)
Commits
rS357756: backup-passwd: mask out all passwords in the diff
Summary

The (hashed) password of users with a "+" or "-" in their username is being sent in the periodic emails as-is instead of being replaced by "(password)".

If the intent was to ignore NIS entries, then it should check only the first character. But I think that this is unnecessary, NIS entries follow the same format and the second field either is a password or should be empty.

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

sigsys_gmail.com created this revision.Feb 6 2020, 10:01 PM
lwhsu added a reviewer: Contributor Reviews (src).Feb 6 2020, 10:05 PM
This revision was not accepted when it landed; it landed in state Needs Review.Feb 11 2020, 6:12 AM
Closed by commit rS357756: backup-passwd: mask out all passwords in the diff (authored by kevans). · Explain Why
This revision was automatically updated to reflect the committed changes.
kevans added a commit: rS357756: backup-passwd: mask out all passwords in the diff.
Herald added a subscriber: imp. · View Herald TranscriptFeb 11 2020, 6:12 AM

Revision Contents
Changeset List

PathSize
head/
usr.sbin/
periodic/
etc/
daily/
2 lines

Diff 68105

View Options

head/usr.sbin/periodic/etc/daily/200.backup-passwd

Loading...