Patch-ID# 103235-08
Keywords: security AdminSuite 2.1 patch
Synopsis: Solstice AdminSuite 2.1: AdminSuite patch
Date: Oct/09/96

Solaris Release: 2.3 2.4 2.5

SunOS Release: 5.3 5.4 5.5

Unbundled Product: Solstice AdminSuite

Unbundled Release: 2.1

Relevant Architectures: sparc

Xref: This patch available for x86 as patch 103236

BugId's fixed with this patch: 1237225 1234552 1236787 1239024 1239007 1238611 1233511 1243951 1242670 1262888 4005611

Changes incorporated in this version: 4005611

Patches accumulated and obsoleted by this patch:

Patches which conflict with this patch:

Patches required with this patch:

Obsoleted by:

Files included with this patch:

SUNWsadmc
        SUNWadm/2.1/lib/libadmldb.so.2
        SUNWadm/2.1/lib/libadmutil.so.2
        SUNWadm/2.1/lib/libsw.so.2
        SUNWadm/2.1/lib/libadmdb.so.2
SUNWsadmo
        SUNWadm/2.1/lib/libadmObjs.so.2
SUNWsadma
        SUNWadm/2.1/bin/dbmgr

Problem Description:

rev-01
        1236787 - security problem
        1237225 - security problem
        1234552 - could not add OS services from an SHWPs CD-ROM.
rev-02
rev-03
        1239024 - security problem
        1239007 - '_' not allowed in user name (usermgr)
rev-04
        1238611 - nisaddcred failures
        1233511 - Host Manager appends domain name when it doesn't need to
rev-05
        1238611 - (redo previous fix)
        1243951 - database code deletes /etc files when using NIS
rev-06
        1242670 - if using NIS+ and your NIS+ server is set up to access
                  DNS, an error of "user already exists" is seen if
                  trying to add a new user.
rev-07
        1262888 - security problem
rev-08
        4005611 - security problem

Patch Installation Instructions:
--------------------------------
Refer to the Install.info file for instructions on using the generic
'installpatch' and 'backoutpatch' scripts provided with each patch.
Any other special or non-generic installation instructions should be
described below as special instructions.

Special Install Instructions:
-----------------------------
Adminsuite 2.1 uses excessive permissions when adding new users to
NIS+. This patch fixes the problem.
However, users that were created prior to the application of this
patch may have excessive permissions. Therefore you should check the
passwd table for entries with excessive permissions. The following
short awk program can be used for this passwd table check.

        # awk program to check for NIS+ entries with excessive permissions

        # skip ahead n input lines
        function readNlines(n) {
                for (i = n; i > 0; i--)
                        getline
        }

        # owner access rights of rmcd mark an affected entry
        /Access.+ ....rmcd/ {
                readNlines(6)
                # print field 5 without its first and last character
                print substr($5, 2, length($5) - 2)
        }

Put this program in a file and run it with the following cmd pipeline:

        % niscat -o '[]passwd.org_dir' | nawk -f

and the name field of each passwd table entry with excessive
permissions will be printed one per line on stdout. Note that this
script only checks for the type of excessive permissions generated by
the Adminsuite 2.1 bug fixed in this patch.

If the program above reveals entries with excessive permissions, then
you can take a look at them with the following cmd:

        % niscat -o '[name=user]passwd.org_dir'

One line of the output will look similar to the following:

        Access Rights : ----rmcdr---r---
                            ^^^^

This allows the owner to read, modify, change, and delete information.
The rights at this level should be more restrictive and they should be
changed.

To restore the permissions to what they were intended to be for one
entry, do the following (you must have table modify permissions):

        % nischmod o=r,ngw-rmdc '[name=user]passwd.org_dir'

Or for each entry in the whole table at once, do the following:

        % nischmod o=r,ngw-rmdc '[]passwd.org_dir'

This sets the owner permissions to r (read) and removes all
permissions from nobody, group, and world. Please note this will only
change the permissions on a per-entry basis and will not change the
table or column permissions.

AdminSuite 2.1 also incorrectly changes the permissions on the source
file used to build the NIS (YP) passwd map.
This patch fixes the problem, but after installing the patch, you
should verify that the passwd map source file has a file mode of 644
(or more restrictive, depending on your preferences), and is owned by
root.
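
Added example (not part of the original patch README): the awk program above matches only owner rights of exactly rmcd, so this sketch goes further and reports every right an entry holds beyond the state that "nischmod o=r,ngw-rmdc" leaves behind (owner r, nothing for nobody, group and world). The function names excess_rights and scan_rights are hypothetical, the sample lines are constructed, and the 16-character field order nobody, owner, group, world is assumed from the Access Rights line shown above.

```shell
#!/bin/sh
# Added example, not from the patch README. Function names are hypothetical.
# Assumed layout of a rights string: nobody, owner, group, world (4 chars each).

# excess_rights RIGHTS
# Prints "class:rights" for every right beyond the intended state
# (owner r only); prints nothing if the entry is already restricted.
excess_rights() {
    printf '%s\n' "$1" | awk '
    length($0) != 16 || $0 !~ /^[rmcd-]+$/ { print "invalid"; exit }
    {
        split("nobody owner group world", cls, " ")
        out = ""
        for (c = 1; c <= 4; c++) {
            field = substr($0, (c - 1) * 4 + 1, 4)
            gsub(/-/, "", field)            # keep only the granted rights
            if (cls[c] == "owner")
                sub(/^r/, "", field)        # owner read is intended
            if (field != "")
                out = out (out == "" ? "" : " ") cls[c] ":" field
        }
        print out
    }'
}

# scan_rights
# Reads text on stdin and reports each "Access Rights" line whose rights
# string exceeds the intended state, followed by the excess found.
scan_rights() {
    awk '/Access Rights/ { print $NF }' | while read -r rights; do
        excess=$(excess_rights "$rights")
        if [ -n "$excess" ]; then
            printf '%s %s\n' "$rights" "$excess"
        fi
    done
}

# Constructed sample lines in the format of the line shown above:
# one affected entry, one entry already corrected.
scan_rights <<'EOF'
Access Rights : ----rmcdr---r---
Access Rights : ----r-----------
EOF
```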