From mboxrd@z Thu Jan 1 00:00:00 1970 Message-ID: Content-Type: text/plain MIME-Version: 1.0 (NeXT Mail 3.3ciscupdate v148.2.1) From: arisawa@ar.aichi-u.ac.jp To: 9fans@nx.aichi-u.ac.jp Subject: [9fans] secstore panic Date: Fri, 9 Aug 2002 22:03:40 +0900 Topicbox-Message-UUID: d9513ec8-eaca-11e9-9e20-41e7f4b1d025 Hello, I examined secstore. secstore fell into panic in changing password. Note that is a experiment on terminal. term% ls -l --rw-rw-r-- M 250 arisawa arisawa 6 Aug 9 20:04 foo term% rm foo term% auth/secstore -s pc -g foo secstore password: xxxxxxxx secstore term% ls -l --rw------- M 250 arisawa arisawa 6 Aug 9 20:08 foo term% cat foo alice term% auth/secstore -c -s pc secstore password: secstore new password for arisawa: retype password: reencrypting 'foo' saved 6 bytes panic: D2B called on non-block 22bc0 (double-free?) secstore 2563: suicide: sys: trap: fault read addr=0x0 pc=0x0000a5dd acid says the problem came from secstore.c: Out: if(newpass != nil){ memset(newpass, 0, newpasslen); free(newpass); } conn->free(conn); <------------ HERE return rv; } int main(int argc, char **argv) { int chpass = 0, rc; By the way secuser created /adm/secstore/who/arisawa the permission is: term% ls -l /adm/secstore/* d-rwxrwxr-x M 8 arisawa adm 0 Aug 9 20:01 /adm/secstore/store/arisawa --rw-rw-r-- M 8 arisawa adm 195 Aug 9 20:01 /adm/secstore/who/arisawa I believe they should be d-rwx------ M 8 arisawa adm 0 Aug 9 20:01 /adm/secstore/store/arisawa --rw------- M 8 arisawa adm 195 Aug 9 20:01 /adm/secstore/who/arisawa Probably I should have created /adm/secstore with mode 700. (Note that secstored is running as arisawa because experiment is on terminal) This is not documented in manual.... Kenji Arisawa