Bug 54542

Summary: Serios security bug #48786 still present in current rawhide.
Product: [Retired] Red Hat Raw Hide Reporter: Alexander Kanevskiy <kad>
Component: util-linuxAssignee: Elliot Lee <sopwith>
Status: CLOSED RAWHIDE QA Contact: Ben Levenson <benl>
Severity: medium Docs Contact:
Priority: high    
Version: 1.0Keywords: Security
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2001-10-11 20:13:53 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Alexander Kanevskiy 2001-10-11 16:05:14 UTC 
Description of Problem:

security problem described in bug #48786 still presents in current 
rawhide:

[root@sos kad]# ls -l /etc/shadow
-rw-------    1 root     root         1199 PP:Q 11 18:48 /etc/shadow
[root@sos kad]# vipw
You are using shadow passwords on this system.
Would you like to edit /etc/shadow now [y/n]? y
[root@sos kad]# ls -l /etc/shadow
-rw-r--r--    1 root     root         1199 Oct 11 18:53 /etc/shadow
[root@sos kad]# rpm -q util-linux
util-linux-2.11f-10
[root@sos kad]#
Comment 1 Gilles J. Seguin 2001-10-11 19:29:04 UTC 
not able to reproduce
Comment 2 Alexander Kanevskiy 2001-10-11 20:13:49 UTC 
type:

vipw
:wq
y
:wq
ls -l /etc/shadow
Comment 3 Bill Nottingham 2001-10-12 02:46:55 UTC 
Note 'Patch9:' line in spec file.
Note no corresponding %patch9 line.

egg -> face.

Fixed in -12.