Date: Mon, 18 Mar 2002 13:58:24 +0200 From: Peter Pentchev <roam@ringlet.net> To: "Crist J. Clark" <cjc@FreeBSD.org> Cc: Dag-Erling Smorgrav <des@ofug.org>, cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/usr.bin/chpass chpass.c pw_copy.c pw_copy.h Message-ID: <20020318135824.A1326@straylight.oblivion.bg> In-Reply-To: <200203180222.g2I2Ms309830@freefall.freebsd.org>; from cjc@FreeBSD.org on Sun, Mar 17, 2002 at 06:22:53PM -0800 References: <200203180222.g2I2Ms309830@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--IS0zKkzwUGydFO0o Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sun, Mar 17, 2002 at 06:22:53PM -0800, Crist J. Clark wrote: > cjc 2002/03/17 18:22:53 PST >=20 > Modified files: > usr.bin/chpass chpass.c pw_copy.c pw_copy.h=20 > Log: > It was possible for an unprivileged user to tie up the password > information (no one else can vipw(8), chpass(1), or even passwd(1)), > either on purpose or by accident, until an administrator manually > intervened. Instead, do not lock the master.passwd file while a user > is editing his information. But once we go to write the new > information, check that the modified user's information has not > changed in the password database since we started. Abort the changes > if it has. > =20 > Add a $FreeBSD$ to pw_copy.h. > =20 > PR: i386/35816 > Obtained from: NetBSD > MFC after: 1 week [des@ CC'd because of a proposed libpam patch] Errr... did this really go through a buildworld? :) I think that at least the attached patches are needed to catch up with pw_copy.c's including pw_scan.h and pw_copy()'s growing a fourth parameter.. Still, great work! The chpass(8) locking the password file has bitten me several times, badly (and yes, it was trivial to handle, but still..) G'luck, Peter --=20 Peter Pentchev roam@ringlet.net roam@FreeBSD.org PGP key: http://people.FreeBSD.org/~roam/roam.key.asc Key fingerprint FDBA FD79 C26F 3C51 C95E DF9E ED18 B68D 1619 4553 This sentence every third, but it still comprehensible. Index: src/lib/libpam/modules/pam_unix/Makefile =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /home/ncvs/src/lib/libpam/modules/pam_unix/Makefile,v retrieving revision 1.12 diff -u -r1.12 Makefile --- src/lib/libpam/modules/pam_unix/Makefile 7 Mar 2002 16:56:19 -0000 1.12 +++ src/lib/libpam/modules/pam_unix/Makefile 18 Mar 2002 10:33:06 -0000 @@ -31,7 +31,8 @@ -I${.OBJDIR} \ -I${.CURDIR}/../../../../libexec/ypxfr \ -I${.CURDIR}/../../../../usr.sbin/vipw \ - -I${.CURDIR}/../../../../usr.bin/chpass + -I${.CURDIR}/../../../../usr.bin/chpass \ + -I${.CURDIR}/../../../../lib/libc/gen DPADD=3D ${LIBUTIL} ${LIBCRYPT} ${LIBRPCSVC} LDADD=3D -lutil -lcrypt -lrpcsvc MAN=3D pam_unix.8 Index: src/lib/libpam/modules/pam_unix/pam_unix.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /home/ncvs/src/lib/libpam/modules/pam_unix/pam_unix.c,v retrieving revision 1.25 diff -u -r1.25 pam_unix.c --- src/lib/libpam/modules/pam_unix/pam_unix.c 14 Mar 2002 23:27:59 -0000 1= .25 +++ src/lib/libpam/modules/pam_unix/pam_unix.c 18 Mar 2002 10:51:00 -0000 @@ -578,7 +578,7 @@ =20 pfd =3D pw_lock(); tfd =3D pw_tmp(); - pw_copy(pfd, tfd, pwd); + pw_copy(pfd, tfd, pwd, NULL); =20 if (!pw_mkdb(user)) pw_error((char *)NULL, 0, 1); Index: src/usr.bin/passwd/Makefile =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /home/ncvs/src/usr.bin/passwd/Makefile,v retrieving revision 1.42 diff -u -r1.42 Makefile --- src/usr.bin/passwd/Makefile 13 Sep 2001 06:48:17 -0000 1.42 +++ src/usr.bin/passwd/Makefile 18 Mar 2002 11:12:51 -0000 @@ -20,6 +20,7 @@ CFLAGS+=3D -DLOGIN_CAP -DCRYPT -I. -I${.CURDIR} \ -I${.CURDIR}/../../usr.sbin/vipw \ -I${.CURDIR}/../../usr.bin/chpass \ + -I${.CURDIR}/../../lib/libc/gen \ -Dyp_error=3Dwarnx -DLOGGING =20 .else @@ -42,6 +43,7 @@ -I${.CURDIR}/../../usr.bin/chpass \ -I${.CURDIR}/../../libexec/ypxfr \ -I${.CURDIR}/../../usr.sbin/rpc.yppasswdd \ + -I${.CURDIR}/../../lib/libc/gen \ -Dyp_error=3Dwarnx -DLOGGING =20 .endif Index: src/usr.bin/passwd/local_passwd.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /home/ncvs/src/usr.bin/passwd/local_passwd.c,v retrieving revision 1.27 diff -u -r1.27 local_passwd.c --- src/usr.bin/passwd/local_passwd.c 11 Mar 2001 16:37:30 -0000 1.27 +++ src/usr.bin/passwd/local_passwd.c 18 Mar 2002 11:13:32 -0000 @@ -223,7 +223,7 @@ =20 pfd =3D pw_lock(); tfd =3D pw_tmp(); - pw_copy(pfd, tfd, pw); + pw_copy(pfd, tfd, pw, NULL); =20 if (!pw_mkdb(uname)) pw_error((char *)NULL, 0, 1); --IS0zKkzwUGydFO0o Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iEYEARECAAYFAjyV1mAACgkQ7Ri2jRYZRVOjpQCcDVOEIM8cx6MMY1QyLg3EKmXR 2scAn03yOXFW1JjMaLXLzwv03R0/kRZ6 =X3gF -----END PGP SIGNATURE----- --IS0zKkzwUGydFO0o-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020318135824.A1326>