tech-security: Re: Using a +t /tmp for chpass(1)

Subject: Re: Using a +t /tmp for chpass(1)
To: None <tech-security@netbsd.org>
From: Christos Zoulas <christos@astron.com>
List: tech-security
Date: 10/09/2006 18:43:22

In article <452A8E4E.4050604@NetBSD.org>, Elad Efrat  <elad@NetBSD.org> wrote:
>Christos Zoulas wrote:
>
>> I think that chpass should obey the /etc/ptmp lock.
>> [...] 
>> The problem with editing the password file and creating a temp file
>> in /tmp is data loss from concurrent edits. How does this scheme
>> prevent this? Let's say I am editing the password file using vipw.
>> You run chpass; I save my edit; your changes are lost.
>
>Did chpass(1) use the /etc/ptmp lock prior to the changes mentioned
>in the original mail?

No, it did not.

christos