Login or Register to Ask a Question and Join Our Community


UNIX for Dummies Questions & Answers

Group File Format/Security

 
Thread Tools Search this Thread
Top Forums UNIX for Dummies Questions & Answers Group File Format/Security
# 1  
Old 07-31-2012
Group File Format/Security
I am reviewing group files on unix servers with Solaris 10. I have noticed several errors in the group files in relation to formatting. For example my fields may look like this:

,:
group name:bb
,user3

Those are just examples. It appears as though some fields were shifted from a previous group listing into its own row. I know there are commands and different tools I can use to remove these format issues. My question is, are there any security vunerabilites created by these errors? If so, is there any documentation, or does anyone know of any articles that would discuss them.
# 2  
Old 07-31-2012
The security vulnerabilities would depend on the contents of the file. Seeing two lines of it doesn't allow me to extrapolate the rest.
# 3  
Old 08-01-2012
I see from the Solaris security guide that the ASET tool will check group files for formatting problems an correct them. I was interested in knowing in general what potential security vulnerabilities could be created by having formatting issues in the etc group file. I have these issues in my group file . I am not looking for a specific answer for my server but just for example so you can understand. Group 1 should have a password of xx a gid of 600 and have user1 as the only group member. In my file it would look like this.

Group 1:xx:
600:user1

There are many variations of formatting errors in the file just looking for a general answer to any potential security issues group file formatting problems can create.
# 4  
Old 08-01-2012
Quote:
Originally Posted by keithhhs79
I was interested in knowing in general what potential security vulnerabilities could be created by having formatting issues in the etc group file.
The problem is that 'formatting issues' can put anything in the group file. You may have users belonging to groups they shouldn't. You may have users not belonging to groups they should.

The implications of that depend on which groups have been messed up in what way.
This User Gave Thanks to Corona688 For This Post:
keithhhs79
# 5  
Old 08-01-2012
The only way that this anomaly could occur is by manual editing of the /etc/group file.
Suggest that you first copy the file, then run the grpck program and clear-up any anomalies with a manal edit as root.

Ps. I can't see any adverse security anomalies from invalid entries in a /etc/group file because this is a strict format file and the invalid entries will be ignored. However, I have seen valid entries after an invalid line being ignored.


Quote:
Group 1:xx:
600:user1
Please no space characters in a group name.
Last edited by methyl; 08-01-2012 at 09:41 PM..
This User Gave Thanks to methyl For This Post:
keithhhs79
# 6  
Old 08-02-2012
Thanks for the help
 
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

How to create a volume group, logical volume group and file system?

hi, I want to create a volume group of 200 GB and then create different file systems on that. please help me out. Its becomes confusing when the PP calculating PP. I don't understand this concept. (2 Replies)
Discussion started by: kamaldev
2 Replies

2. Cybersecurity

Group file format

I posted this in the unix for dummies section yesterday, but I don't think I was clear, so I am reporting here. I am working with a unix server with Solaris 10. I see from the Solaris security guide that the ASET tool will check group files for formatting problems an correct them. I was interested... (1 Reply)
Discussion started by: keithhhs79
1 Replies

3. Shell Programming and Scripting

need a one liner to grep a group info from /etc/group and use that result to search passwd file

/etc/group tiadm::345:mk789,po312,jo343,ju454,ko453,yx879,iy345,hn453 bin::2:root,daemon sys::3:root,bin,adm adm::4:root,daemon uucp::5:root /etc/passwd mk789:x:234:1::/export/home/dummy:/bin/sh po312:x:234:1::/export/home/dummy:/bin/sh ju454:x:234:1::/export/home/dummy:/bin/sh... (6 Replies)
Discussion started by: chidori
6 Replies

4. Shell Programming and Scripting

Converting windows format file to unix format using script

Hi, I am having couple of files which i used to copy from windows to Linux, so now in case of text files (CTRL^M) appears at end of line. I know i can convert this windows format file to unix format file by running dos2unix. My requirement here is that i want to do it automatically using a... (5 Replies)
Discussion started by: sarbjit
5 Replies

5. Shell Programming and Scripting

Sort the file contents in each group....print the group title as well

I've this file and need to sort the data in each group File would look like this ... cat file1.txt Reason : ABC 12345-0023 32123-5400 32442-5333 Reason : DEF 42523-3453 23345-3311 Reason : HIJ 454553-0001 I would like to sort each group on the last 4 fileds and print them... (11 Replies)
Discussion started by: prash184u
11 Replies

6. Shell Programming and Scripting

Convert UNIX file format to PC format

Hi All, Is there any way to convert a file which is in UNIX format to a PC format.... Flip command can be used , apart form this command can we have any other way.... like usinf "awk" etc ..... main purpose of not using flip is that my Kshell doesnot support this comamnd.... (2 Replies)
Discussion started by: Samtel
2 Replies

7. UNIX for Dummies Questions & Answers

Convert UNIX file format to PC format

Hi All, Is there any way to convert a file which is in UNIX format to a PC format.... Flip command can be used , apart form this command can we have any other way.... like usinf "awk" etc ..... main purpose of not using flip is that my Kshell doesnot support this comamnd.... (1 Reply)
Discussion started by: Samtel
1 Replies

8. UNIX for Dummies Questions & Answers

To convert multi format file to a readable ascii format

Hi I have a file which has ascii , binary, binary decimal coded,decimal & hexadecimal data with lot of special characters (like öƒ.ƒ.„İİ¡Š·œƒ.„İİ¡Š· ) in it. I want to standardize the file into ASCII format & later use that as source . Can any one suggest a way a logic to convert such... (5 Replies)
Discussion started by: gaur.deepti
5 Replies

9. UNIX for Dummies Questions & Answers

Convert UTF8 Format file to ANSI format

:confused: Hi i am trying to convert a file which is in UTF8 format to ANSI format i tried to use the function ICONV but it is throwing error Function i used it as $ iconv -f UTF8 -t ANSI filename Error iam getting is NOT Supported UTF8 to ANSI please some help me out on... (9 Replies)
Discussion started by: rajreddy
9 Replies

10. UNIX for Advanced & Expert Users

Convert UTF8 Format file to ANSI format

:) Hi i am trying to convert a file which is in UTF8 format to ANSI format i tried to use the function ICONV but it is throwing error Function i used it as $ iconv -f UTF8 -t ANSI filename Error iam getting is NOT Supported UTF8 to ANSI please some help me out on this.........Let me... (1 Reply)
Discussion started by: rajreddy
1 Replies
Login or Register to Ask a Question