>Description:
Applications that rely on getttyent and related calls will
not find entries that are not listed in /etc/ttys. Screen
and xterm (rxvt, color_xterm) will not be able to obtain
unique utmp slots as a result. This isn't a critical problem
but it will keep utilities such as 'finger', 'who' and 'w'
from displaying the correct information.
Closes PR#conf/1270
Submitted by: winter@jurai.net
When an rsh is denied by rshd because the client is lacking appropriate
.rhosts permission, an error message is formatted for syslog which contains
the client's hostname. The hostname portion of the message relies on a pointer
to a field within gethostbyname()'s internal struct hostent which changes state
between when the pointer is initialized and when it is dereferenced to create th
e
message.
Submitted by: skynyrd@opus.cts.cwu.edu
>Description:
/usr/libexec/mail.local runs as root. As such is can fill up a
mailbox on a quota'd filesystem, and keep going... Makes quota's
almost useless in an ISP environment.
Closes: PR#bin/1111
Submitted by: Charles Henrich <henrich@crh.cl.msu.edu>
Garrett Wollman sent me this code a few weeks ago for review, and I made
some significant changes, which he in turn accepted ...
In order to make use of these changes, a device entry has to added to /dev.
Submitted by: wollman
For definitions without an "nc" entry, some parts have now been
mis-detected as `non-comment'. Avoid this by not converting the
noregexp in case the "nc" capability has not been found. I begin to
wonder why things like missing "ab"/"ae"'s do work at all...
Detected by: nate
If timed is running when system clock is changed by date command,
improper wtmp entry is made. According to wtmp(5), two entries, one
with "|" as ut_line field and one with "{" for ut_line, should be
recorded, but, one with "|" and one with "}" are made.
Closes: PR#bin/1182
Submitted by: Masafumi NAKANE <masafumi@tky007.tth.expo96.ad.jp>
When you ask pr to use form feeds at the end of pages and specify a page
length and tell pr to not put the fancy headers and footers on each
pages, then pr will not separate the pages with a form feed.
Closes PR: bin/1237
Submitted by: Warner Losh <imp@village.org>
/var/yp/master.passwd template file and it uses the same kind of code
as chpass(1), it may also be vulnerable to the bug from PR #1519.
May as well deal with it since I'm in the area. (yppasswdd in -stable
doesn't do additions, therefore it shouldn't be have this problem.)
and both changes need to be pulled into the stable branch). The
problem here is that when pwd_mkdb creates /etc/passwd, it turns
empty UID and GID fields into zeroes. To fix this, we check the
_PWF_UID and _PWF_GID bits in the pw_fields flag: if the bits
are not set, we print an empty field instead of a zero. This way,
you don't get zeroes in the UID or GID fields unless you explicit
want them.
the required size, as opposed to simply `touch'ing it. This works
around problems in the -current NFS and/or VFS and/or VM code.
Also hint about restricting the permissions to this file.
which is what syslogd presumably uses too. Notice that the "protocol"
is bogus in not defining the timezone. "protocol" because it hardly
deserves the name :-)
closes bin/1739
Reported by: Stefan Zehl <sec@wg.camelot.de>
following warning:
warning: ANSI C forbids braced-groups within expressions
Adding __extension__ before the statement-expression seems to work right.
Submitted by: bde (a *long* time ago)
contents are discarded, including the cached seek cookies.
Unfortunately, if the directory was larger than NFS_DIRBLKSIZ, then
this confused nfs_readdirrpc(), making it appear as if the directory
was truncated.
Reviewed by: Karl Denninger <karl@Mcs.Net>
the full argument vector.
I've bumped into a few things that expected this switch to be present,
the most recent was the snmp package in ports. I'm not 100% sure of the
origins of this, but Linux has it, so does the "BSD-compatable" version
of ps on our SVR4 systems (so I assume SunOS has it too).
or rpc.ypxfrd processes on remote systems that aren't bound to reserved
ports. The servers already do reserved port checks on the clients.
Obtained from: scrutinizing the OpenBSD ypxfr sources. (Note that this
applies to the ypserv check only; OpenBSD doesn't have an rpc.ypxfrd.)
Add progname to warning/error message layout. (joerg)
Remove inline assembler, no speed impact, not need for the obfuscation (bde)
Remove on the fly calculation of parameters, no longer critical.
Make D & U flags valid even if we don't support them.
Don't call imalloc until we're done initializing.
Zap contents on free() if we have "Junk" set. [*]
Various nitpicking.
[*] As a sideeffect of this change, if you are worried about
sensitive data lingering in memory, you can use the 'Junk' option
now to make sure phkmalloc zaps memory when it is returned. add
char * malloc_options = "J";
to your source. Obviously there is a performance impact.