Subject: bin/11518: chfn (at the least) nullifies passwords through yp
To: None <>
From: Mason Loring Bliss <>
List: netbsd-bugs
Date: 11/18/2000 09:44:13
>Number:         11518
>Category:       bin
>Synopsis:       chfn (at the least) nullifies passwords through yp
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    bin-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sat Nov 18 09:44:00 PST 2000
>Originator:     Mason Loring Bliss
>Release:        netbsd-1-5-RELEASE
    M a s o n     L o r i n g     B l i s s
awake ? sleep : (random() & 2) ? dream : sleep; 
System: NetBSD 1.5 NetBSD 1.5 (MLB) #0: Fri Nov 17 17:00:00 EST 2000 i386


chfn blows away a user's password when NIS is running.

Running 1.5 server; tested with -current and 1.5_ALPHA clients.


/home/mason$ chfn

[change information as desired]

Old password:
The YP password information has been changed on, the master YP passwd server.

Then examine user's password on master server or try to use user's password


As yet unknown.