Patch ID	: P94122202
Summary		: SunOS 4.1.3: Root access possible via forced passwd race condition (Sun id 102023-03)
Status		: Optional
Date		: 12/22/94
Release		: OS 4.1C
Architectures	: 
Affected bugs	:

Changed files	:

Problem Description:


This patch is equivalent to Sun patch 102023-03.  Sun's README appears below.

Patch-ID# 102023-03
Keywords: security, SunOS, 4.1.x, passwd, -F, root, race-condition
Synopsis: SunOS 4.1.3: Root access possible via forced passwd race condition
Date: Oct/28/94

Solaris Release: 1.0, 1.1

SunOS Release: 4.1.2, 4.1.3, 4.1.3C

Unbundled Product: 

Unbundled Release: 

Xref: Patch 102060 is the 4.1.3_U1 version of this patch.

Relevant Architectures: sparc

BugId's fixed with this patch: 1169007

Changes incorporated in this version: 

Patches accumulated and obsoleted by this patch: 

Patches which conflict with this patch: 

Patches required with this patch: 

Obsoleted by: 4.1.4, 5.x

Files included with this patch: 

   /usr/bin/passwd

Problem Description: 

   This revision is issued to add 4.1.2 support.

   (from 102023-02)
   This revision is issued to correct installation instructions.  The patch
   contents have not otherwise changed.

   (from 102023-01)
   1169007: Security: Root access possible on SunOS 4.1.x via forced passwd
            race condition.

Patch Installation Instructions: 

   1) Login as root.

   2) Make a backup copy of the old file (if you have installed any other
      version of passwd, you may wish to save under another name):
	cp /usr/bin/passwd /usr/bin/passwd.fcs

      (It is important to use "cp" instead of "mv" for this because the
      same passwd program is actually stored under several hard-linked
      alias names and it is important to update them all.)

   3) Change the permissions on the saved file to prevent its execution:
	chmod 400 /usr/bin/passwd.fcs

   4) Copy in the patched file:
	cp `uname -r`/passwd /usr/bin/passwd

   5) Set ownership & permissions:
	chown root /usr/bin/passwd
	chgrp staff /usr/bin/passwd
	chmod 4555 /usr/bin/passwd

   This patch restricts the use of the passwd command's -F option to root,
   unless the system administrator explicitly permits non-root users to
   use the option for specifically-identified alternate password files.

   If you wish to permit such use, set up a file called /etc/pwfiles
   containing a line for each full path you wish to allow non-root users
   to specify as an argument to the -F option.  Lines in /etc/pwfiles
   which do not begin with a "/" character are treated as comments; this
   effectively allows non-root users to use only fully-specified paths
   with -F.  The use of the /etc/pwfiles file in this way is analogous to
   the way the /etc/shells file is used by the passwd command to restrict
   the shells non-root users can set up for themselves (you can see the
   passwd man page for more information on the /etc/shells file).

   Unauthorized non-root use of the -F flag produces the message:

         passwd: -F may not be specified for file <-F arg>.
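
   The allow-list rule described above, as an added example in C. It is not
   Sun's code and not part of the patch; it shows only the /etc/pwfiles
   check, not the race-condition fix itself. Assumptions: the function names
   and sample paths are hypothetical, entries are compared as exact whole
   lines, and a missing list file permits nothing to non-root users.

```c
/* Added example, not Sun's code. Names and sample paths are hypothetical. */
#include <stdio.h>
#include <string.h>

/* Return 1 if arg exactly matches a whole line of the allow-list file. */
int pwfile_listed(const char *listpath, const char *arg)
{
    char line[1024];
    int found = 0, at_start = 1;
    FILE *fp;
    if (arg == NULL || arg[0] != '/')   /* only full paths can match */
        return 0;
    if ((fp = fopen(listpath, "r")) == NULL)
        return 0;                       /* assumption: no list, nothing allowed */
    while (!found && fgets(line, sizeof line, fp) != NULL) {
        size_t n = strlen(line);
        int ended = (n > 0 && line[n - 1] == '\n');
        if (ended) line[n - 1] = '\0';
        /* Chunks of an over-long line never match; non-"/" lines are comments. */
        if (at_start && (ended || feof(fp)) && line[0] == '/' && !strcmp(line, arg))
            found = 1;
        at_start = ended;
    }
    fclose(fp);
    return found;
}

/* Root may always use -F; other users only for listed files. */
int dash_F_permitted(unsigned long uid, const char *listpath, const char *arg)
{
    return uid == 0 || pwfile_listed(listpath, arg);
}

/* Write a constructed sample allow-list; returns 0 on success. */
int write_sample_list(const char *path)
{
    FILE *fp = fopen(path, "w");
    if (fp == NULL) return -1;
    fputs("# comment\n/var/yp/src/passwd\nrelative/path/ignored\n", fp);
    return fclose(fp) == 0 ? 0 : -1;
}

int main(void)
{
    if (write_sample_list("pwfiles.sample") == 0 &&
        !dash_F_permitted(1001, "pwfiles.sample", "/etc/passwd"))
        puts("passwd: -F may not be specified for file /etc/passwd.");
    return 0;
}
```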
