diff options
| author | Denis Vlasenko <vda.linux@googlemail.com> | 2007-10-29 19:25:45 +0000 |
|---|---|---|
| committer | Denis Vlasenko <vda.linux@googlemail.com> | 2007-10-29 19:25:45 +0000 |
| commit | 15ca51e3e2a31efc275b616106244d8ec3f8f773 (patch) | |
| tree | e54716fcb612a54cfa72564d9ef089eebe92acbd /libbb | |
| parent | 5a28a25b9dd81e0975532458723c4244ff532e58 (diff) | |
| download | busybox-15ca51e3e2a31efc275b616106244d8ec3f8f773.tar.gz | |
appletlib.c: make it actally follow _BB_SUID_ALWAYS rules
adduser: implement -S and code shrink / fix uid selection
*: sanitize getspnam_r use
text data bss dec hex filename
777042 974 9676 787692 c04ec busybox_old
776883 974 9676 787533 c044d busybox_unstripped
Diffstat (limited to 'libbb')
| -rw-r--r-- | libbb/appletlib.c | 9 | ||||
| -rw-r--r-- | libbb/correct_password.c | 15 |
2 files changed, 13 insertions, 11 deletions
diff --git a/libbb/appletlib.c b/libbb/appletlib.c index 8b1ed8000..4bd60d049 100644 --- a/libbb/appletlib.c +++ b/libbb/appletlib.c @@ -459,10 +459,7 @@ static void check_suid(const struct bb_applet *applet) if (sct->m_applet == applet) goto found; } - /* default: drop all privileges */ - xsetgid(rgid); - xsetuid(ruid); - return; + goto check_need_suid; found: m = sct->m_mode; if (sct->m_uid == ruid) @@ -505,13 +502,13 @@ static void check_suid(const struct bb_applet *applet) } } #endif + check_need_suid: #endif - if (applet->need_suid == _BB_SUID_ALWAYS) { /* Real uid is not 0. If euid isn't 0 too, suid bit * is most probably not set on our executable */ if (geteuid()) - bb_error_msg_and_die("applet requires root privileges!"); + bb_error_msg_and_die("must be suid to work properly"); } else if (applet->need_suid == _BB_SUID_NEVER) { xsetgid(rgid); /* drop all privileges */ xsetuid(ruid); diff --git a/libbb/correct_password.c b/libbb/correct_password.c index f1793cd17..96bb10e0b 100644 --- a/libbb/correct_password.c +++ b/libbb/correct_password.c @@ -40,6 +40,11 @@ int correct_password(const struct passwd *pw) { char *unencrypted, *encrypted; const char *correct; +#if ENABLE_FEATURE_SHADOWPASSWDS + /* Using _r function to avoid pulling in static buffers */ + struct spwd spw; + char buffer[256]; +#endif /* fake salt. crypt() can choke otherwise. */ correct = "aa"; @@ -50,11 +55,11 @@ int correct_password(const struct passwd *pw) correct = pw->pw_passwd; #if ENABLE_FEATURE_SHADOWPASSWDS if ((correct[0] == 'x' || correct[0] == '*') && !correct[1]) { - /* Using _r function to avoid pulling in static buffers */ - struct spwd spw; - struct spwd *result; - char buffer[256]; - correct = (getspnam_r(pw->pw_name, &spw, buffer, sizeof(buffer), &result)) ? "aa" : spw.sp_pwdp; + /* getspnam_r may return 0 yet set result to NULL. + * At least glibc 2.4 does this. Be extra paranoid here. */ + struct spwd *result = NULL; + int r = getspnam_r(pw->pw_name, &spw, buffer, sizeof(buffer), &result); + correct = (r || !result) ? "aa" : result->sp_pwdp; } #endif |