This is an addendum to my original SUMMARY.
According to Spider Boardman <spider_at_Orb.Nashua.NH.US>, this is
not a bug, it's a feature.
The permissions on /etc/passwd are supposed to be bin:bin/0644.
However, it may be the case that the Digital UNIX 4.0d installer
incorrectly sets the permissions to be root:system/0644. Thus my
confusion. All of this information has been passed to the CSC.
Original SUMMARY follows:
> I didn't mention it, but this problem was with Digital Unix 4.0D.
>
> I've reported it to the support folks, and it has been escalated to
> the security team. I have no idea when you'll see this fixed, if ever.
>
> My original quesiton is below:
>
> On Tue, Nov 10, 1998 at 10:53:13AM -0500, John Speno wrote:
> > /usr/bin/chfn (and chsh, and maybe passwd) change the owner and group
> > of /etc/passwd to bin:bin.
> >
> > /usr/bin/passwd didn't change the permissions, but since I performed
> > this testing under ENHANCED security, passwd doesn't make any changes
> > to /etc/passwd.
> >
> > I don't think that chfn should change the permissions. Does anyone
> > know why it should?
Received on Thu Nov 19 1998 - 14:35:39 NZDT