COMMAND

    dtlogin

SYSTEMS AFFECTED

    Solaris 2.5.1

PROBLEM

    Arve Kjoelen found the following.  He runs Solaris 2.5.1 CDE remotely
    from some FreeBSD boxes.  He noticed a mode 644 core file in the root
    directory of the Solaris machine.  adb showed that it was dtlogin,
    which had died of SIGSEGV.  Running 'strings' on the file revealed not
    only the encrypted password of a remote dt user, but also the
    UNENCRYPTED password: the cleartext password is present in the dtlogin
    process's memory when it crashes, and since the core file is readable
    by everyone, any local user can pull it out of the dump.

    Adding 'umask 077' to the beginning of /etc/init.d/dtlogin does nothing
    to prevent this.  dtlogin is also not affected by the usual
    modification that sets a default umask for all daemons (creating
    /etc/rc?.d/S00rootusr.sh containing 'umask 077').  It looks as if
    dtlogin explicitly sets its own umask, apparently to 027, overriding
    whatever it inherits from the startup scripts ('nm' on
    /usr/dt/bin/dtlogin does find a reference to umask).  Note that a
    core file is created with mode 0666 masked by the process umask, so a
    027 umask would give a mode 640 core, while the 644 file observed
    corresponds to an effective umask of 022.  Either way the umask set in
    the startup scripts is discarded and the core file ends up readable by
    users other than root.

SOLUTION

    Temporary fix: as root, create an empty /core file mode 400.  A core
    dump replaces the contents of an existing file but keeps its owner and
    mode, so all subsequent cores will be created with these permissions
    and only root can read them.  Check with 'ls -l /core' that the file
    is owned by root and shows -r--------.  Remove any existing
    world-readable core files first, since they may already contain
    passwords.
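
    The temporary fix and a check for leaked core files, as an added shell
    example that is not part of the original advisory.  The path and
    directory arguments are assumptions for illustration (on the affected
    host they would be /core and /); the functions use only sh, chmod and
    find so they run under the Solaris /bin/sh as well.

```shell
#!/bin/sh
# Added example, not from the original advisory.  Implements the temporary
# fix (a pre-created mode 400 core file) and a check for core files that
# are readable by anyone other than their owner.  The PATH and DIR
# arguments are assumptions for illustration; on the affected Solaris 2.5.1
# host they would be /core and /.  Run as root so the placeholder is
# root-owned: dtlogin runs as root and the dump is written with its
# credentials.

# protect_core_file PATH
# Create PATH as an empty file if it does not exist, then make it mode 400.
# A later core dump overwrites the contents but keeps this mode and owner.
protect_core_file() {
    path="$1"
    if [ ! -e "$path" ]; then
        : > "$path" || return 1
    fi
    chmod 400 "$path" || return 1
}

# core_is_private PATH
# Succeed (exit 0) only if neither the group nor the other read bit is set,
# i.e. only the owner can read the dump.
core_is_private() {
    [ -z "$(find "$1" \( -perm -040 -o -perm -004 \) -print)" ]
}

# find_readable_cores DIR
# Print every file named 'core' under DIR that group or other can read;
# these are the dumps that leak process memory and should be removed
# before the placeholder is put in place.
find_readable_cores() {
    find "$1" -type f -name core \( -perm -040 -o -perm -004 \) -print
}

# Example run on the affected host (requires root for the real paths):
#   find_readable_cores /            # list dumps readable by other users
#   protect_core_file /core          # pin the mode for future dumps
#   core_is_private /core && echo "/core is protected"
```

    The check uses permission bits rather than a read test so that it
    gives the same answer whether or not it is run as root.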