author | wollman <wollman@FreeBSD.org> | 1994-09-20 21:40:12 +0000 |
---|---|---|
committer | wollman <wollman@FreeBSD.org> | 1994-09-20 21:40:12 +0000 |
commit | 45c19324be5390da87f4523f5505bcdded38555f (patch) | |
tree | a14af2d3190fab1c4b3f2e2e75426cf4dc3ee0e7 /usr.sbin | |
parent | 8c3a24d674ec1e9a907610ffb64a456a18dc9fad (diff) | |
Fix security hole in YP password support, which would make +user entries
act like + entries in some cases. Requires support in libc from next
commit.
Diffstat (limited to 'usr.sbin')
-rw-r--r-- | usr.sbin/pwd_mkdb/pwd_mkdb.c | 15 |
1 files changed, 12 insertions, 3 deletions
diff --git a/usr.sbin/pwd_mkdb/pwd_mkdb.c b/usr.sbin/pwd_mkdb/pwd_mkdb.c
index 19d7828..9c1ecc7 100644
--- a/usr.sbin/pwd_mkdb/pwd_mkdb.c
+++ b/usr.sbin/pwd_mkdb/pwd_mkdb.c
@@ -178,7 +178,13 @@ main(argc, argv)
 data.data = (u_char *)buf;
 key.data = (u_char *)tbuf;
 for (cnt = 1; scan(fp, &pwd); ++cnt) {
- if(pwd.pw_name[0] == '+') yp_enabled = 1;
+ if(pwd.pw_name[0] == '+') {
+ if(pwd.pw_name[1] && !yp_enabled) {
+ yp_enabled = 1;
+ } else if(!pwd.pw_name[1]) {
+ yp_enabled = -1;
+ }
+ }
 #define COMPACT(e) t = e; while (*p++ = *t++);
 /* Create insecure data. */
 p = buf;
@@ -230,6 +236,8 @@ main(argc, argv)
 }
 /* If YP enabled, set flag. */
 if(yp_enabled) {
+ buf[0] = yp_enabled + 2;
+ data.size = 1;
 tbuf[0] = _PW_KEYYPENABLED;
 key.size = 1;
 if ((dp->put)(dp, &key, &data, R_NOOVERWRITE) == -1)
@@ -295,12 +303,13 @@ main(argc, argv)
 if ((dp->put)(edp, &key, &data, R_NOOVERWRITE) == -1)
 error("put");
 }
- /* If YP enabled, set flag. */
 if(yp_enabled) {
+ buf[0] = yp_enabled + 2;
+ data.size = 1;
 tbuf[0] = _PW_KEYYPENABLED;
 key.size = 1;
- if ((dp->put)(edp, &key, &data, R_NOOVERWRITE) == -1)
+ if ((dp->put)(dp, &key, &data, R_NOOVERWRITE) == -1)
 error("put");
 } |
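Review bot: The three states that `yp_enabled` takes in the first hunk, and the `buf[0] = yp_enabled + 2` encoding written in the second and third hunks, are not documented anywhere in the visible code. The stored byte ends up as 3 when only `+user` entries were seen and 1 once a bare `+` entry was seen. The libc reader mentioned in the commit message has to decode exactly those values, and a mismatch would presumably bring back the `+user`-acts-like-`+` behaviour this commit fixes. I would add a comment above the loop such as `/* yp_enabled: 0 = no YP entries, 1 = only +user entries, -1 = bare "+" seen; stored in the db as yp_enabled + 2 */`, or name the constants in a shared header. main() starts and ends outside the hunk.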
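Review bot: The changed put at the end of the third hunk now stores the `_PW_KEYYPENABLED` record in `dp`, while the put in the context line at the top of the same hunk writes to `edp`, so the database behind `edp` no longer receives the flag. The second hunk already stores the same key in `dp` with `R_NOOVERWRITE`, so this second put finds the key present, and because only a return of -1 is treated as an error the call is skipped silently. Whether `dp` is still open at this point is not visible in the hunk. If the intent was to correct the method pointer rather than the handle, the line would be `if ((edp->put)(edp, &key, &data, R_NOOVERWRITE) == -1)`. Presumably privileged lookups read the `edp` database, in which case they would never see the bare-`+` versus `+user` distinction this commit introduces.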