Subject: Re: security/4555: /etc/daily can give misleading advice
To: None <gnats-bugs@NetBSD.ORG, netbsd-bugs@NetBSD.ORG>
From: Todd Vierling <tv@NetBSD.ORG>
List: netbsd-bugs
Date: 11/26/1997 08:16:45
My take on this bug:  Since '+' is the known NIS cookie, and the getpw*()
routines properly understand this and never pass it to a calling program,
and its 'password' is unusable in /etc/passwd (the V7 passwd file), I
believe this should be filtered from /etc/daily.

At best, /etc/daily should warn if user/group '+' exists and ypbind is not

I'd be glad to fix this before release if this sounds reasonable.

== Todd Vierling (Personal; Business
== Vierling's Axiom: The revolution won't be televised; it will be posted.