From: bugzilla-noreply@freebsd.org
To: bugs@FreeBSD.org
Subject: [Bug 244967] pw userdel will delete a home directory not owned by the user (if it is empty)
Date: Sun, 22 Mar 2020 04:03:55 +0000

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=244967

            Bug ID: 244967
           Summary: pw userdel will delete a home directory not owned by
                    the user (if it is empty)
           Product: Base System
           Version: 12.1-RELEASE
          Hardware: Any
                OS: Any
            Status: New
          Keywords: patch
          Severity: Affects Some People
          Priority: ---
         Component: bin
          Assignee: bugs@FreeBSD.org
          Reporter: eric@erichanneken.com

Created attachment 212604
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=212604&action=edit
Patch to pw(8)

According to the man page for pw(8), pw userdel -n name -r will only remove
files and directories that are actually owned by the user, or symbolic links
owned by anyone under the user's home directory. The man page for rmuser(8),
which wraps pw(8), makes a similar promise.

In reality, the ownership check is performed only for files in the user's home
directory. The home directory itself, and any subdirectories, are deleted
without regard to who owns them.

In most cases this is harmless because a directory not owned by the user will
usually also contain files not owned by the user. pw won't delete the files,
and its attempt to remove a non-empty directory will fail.

But if the other-owned home directory is empty (or if its files are weirdly all
owned by the user being deleted), pw will delete it:

    # mkdir /var/shared
    # ls -ld /var/shared
    drwxr-xr-x 2 root wheel 2 Mar 21 23:40 /var/shared
    # pw useradd -n testuser1 -d /var/shared
    # pw useradd -n testuser2 -d /var/shared
    # grep 'testuser' /etc/passwd
    testuser1:*:1002:1002:User &:/var/shared:/bin/sh
    testuser2:*:1003:1003:User &:/var/shared:/bin/sh
    # pw userdel -n testuser1 -r
    # grep 'testuser' /etc/passwd
    testuser2:*:1003:1003:User &:/var/shared:/bin/sh
    # ls -ld /var/shared
    ls: /var/shared: No such file or directory

I have attached a patch which adds the ownership check to directories. It was
made against revision 359195.

-- 
You are receiving this mail because:
You are the assignee for the bug.