Patch #: 86 Type: operational change Priority: none Modification: check for null AUFS password for adjunct passwd systems Submitted: David Dawes Archived: munnari.OZ.AU mac/cap.patches/cap60.patch086 Application: 'cd cap60; patch -p < cap60.patches/cap60.patch086' Summary: SunOS C2 security can allow NULL password AUFS access File: cap60/applications/aufs/afpos.c *** applications/aufs/afpos.c.orig Sun Feb 16 19:18:43 1992 --- applications/aufs/afpos.c Mon Feb 17 14:14:47 1992 *************** *** 1,7 **** /* ! * $Author: djh $ $Date: 1992/02/16 08:18:21 $ ! * $Header: /mac/src/cap60/applications/aufs/RCS/afpos.c,v 2.18 1992/02/16 08:18:21 djh Rel djh $ ! * $Revision: 2.18 $ */ /* --- 1,7 ---- /* ! * $Author: djh $ $Date: 1992/02/17 03:14:10 $ ! * $Header: /mac/src/cap60/applications/aufs/RCS/afpos.c,v 2.19 1992/02/17 03:14:10 djh Rel djh $ ! * $Revision: 2.19 $ */ /* *************** *** 3132,3139 **** logit(0,"Login: Unknown user %s",nam); return(aeParamErr); /* unknown user */ } ! if (strlen(p->pw_passwd) <= 0) { ! logit(0,"Login: user %s has a NULL password",nam); return(aeUserNotAuth); } #ifdef ULTRIX_SECURITY --- 3132,3140 ---- logit(0,"Login: Unknown user %s",nam); return(aeParamErr); /* unknown user */ } ! /* cope with some adjunct password file schemes */ ! if (strlen(p->pw_passwd) <= 0 || strlen(pwd) <= 0) { ! logit(0,"Login: NULL password access denied for %s",nam); return(aeUserNotAuth); } #ifdef ULTRIX_SECURITY *** README.orig Mon Feb 17 14:14:59 1992 --- README Mon Feb 17 14:15:23 1992 *************** *** 3,9 **** (For use with AppleTalk/Ethernet bridge) o RELEASE NOTES ! o CAP Distribution 6.0, Patch Level 85, February 1992 Introduction ------------ --- 3,9 ---- (For use with AppleTalk/Ethernet bridge) o RELEASE NOTES ! o CAP Distribution 6.0, Patch Level 86, February 1992 Introduction ------------