Bug 48786

From Bugzilla Helper:
User-Agent: Mozilla/4.77 [en] (X11; U; Linux 2.4.3-12smp i686; Nav)

Description of problem:
There is an incredibly serious problem with vipw in util-linux 2.10s on
Redhat 7.1. If you edit the /etc/shadow or /etc/gshadow files, vipw
actually creates a copy in /etc (or somewhere), and lets you edit that.
Afterwards, it copies it back to the normal location. However, it doesn't
set the permissions correctly, resulting in a world-readable /etc/shadow,
allowing brute force attacks.

How reproducible:
Always

Steps to Reproduce:
1. Run vipw
2. Do some random change (insert and delete space, whatever), then save
3. Say yes when promted to edit /etc/shadow
4. Do another random change
5. /etc/shadow now has mode 644


Actual Results: 
[root@caliper /root]# ls -l /etc/shadow
-rw-------    1 root     root          847 Jul 11 15:42 /etc/shadow
[root@caliper /root]# vipw
<here I'm editing /etc/passwd>
You are using shadow passwords on this system. Would you like to edit
/etc/shadow now [y/n]? y
<here I'm editing /etc/shadow>
[root@caliper /root]# ls -l /etc/shadow
-rw-r--r--    1 root     root          847 Jul 11 15:48 /etc/shadow
[root@caliper /root]# 

Expected Results:  /etc/shadow and /etc/gshadow should always be 600.

Additional info:

At first I thought that vipw was just ignoring my umask, which would be bad
enough but at least it's an easy fix. (make sure root's umask is always
077). However, even with a umask of 077, the file is created mode 644.

This problem was also observed on a Mandrake 8.0 system with util-linux
2.11d