comments in /eetc/passwd and group

Eric Shubert ejs at shubes.net
Thu Feb 4 10:47:22 MST 2010 

I think it's generally just a bad practice. I don't believe these files 
aren't intended to be edited directly, although I'm personally guilty of 
doing so on occasion.

That being said, I think the best way to know what will happen is to 
look at the source code.

Shawn Badger wrote:
> Somebody did mention security to me as well, but when I asked them to 
> elaborate on it they couldn't.
> I agree you can maintain a separate file for the comments, but I am 
> looking for something that would say if you have blank line lines in in 
> the /etc/passwd or /etc/group file this can happen. And if you have 
> #comments in them this can happen, but so far I have not been able to 
> find anything like that.
> 
> In order to defend my stance, I need to be able to say this will happen 
> if you do that.
> 
> 
> 
> On Thu, Feb 4, 2010 at 9:24 AM, Eric Shubert <ejs at shubes.net 
> <mailto:ejs at shubes.net>> wrote:
> 
>     My understanding is that it could compromise security.
>     Personally, I think this would open a can of worms (so to speak).
> 
>     If I had a need to document what's there, I think I'd create a separate
>     file to documents this. Then you could make it whatever format you like.
>      For updating, perhaps do a diff between the documentation and the live
>     file, along with a little scripting, to keep the documentation up to
>     date a little easier.
> 
>     Shawn Badger wrote:
>      > What are the consequences of adding them in?
>      >
>      > On Wed, Feb 3, 2010 at 4:01 PM, Eric Shubert <ejs at shubes.net
>     <mailto:ejs at shubes.net>
>      > <mailto:ejs at shubes.net <mailto:ejs at shubes.net>>> wrote:
>      >
>      >     Shawn Badger wrote:
>      >      > I haven't seen this before, but I am wondering if it
>     possible to put
>      >      > blank lines and comments in the /etc/passd and group files?
>      >      > I have one person saying you absolutely can't  and another
>     saying
>      >     that
>      >      > you can.
>      >      > Which one is right?
>      >
>      >     They're both right.
>      >     Question is, are you willing to live with the consequences of
>     doing
>      >     so. ;)
>      >
>      >     --
>      >     -Eric 'shubes'
>      >
>      >     ---------------------------------------------------
> 
> 
>     --
>     -Eric 'shubes'
> 
>     ---------------------------------------------------
>     PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
>     <mailto:PLUG-discuss at lists.plug.phoenix.az.us>
>     To subscribe, unsubscribe, or to change your mail settings:
>     http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
> 
> 


-- 
-Eric 'shubes'

More information about the PLUG-discuss mailing list