author | David Gwynne <dlg@cvs.openbsd.org> | 2013-04-23 06:17:08 +0000 |
---|---|---|
committer | David Gwynne <dlg@cvs.openbsd.org> | 2013-04-23 06:17:08 +0000 |
commit | bd97815fd39a53988e14fd7a8e7b9da675d72bef (patch) | |
tree | 87439c9a7295daac96a97dbebc1e4dccb0a32162 | |
parent | 490193004c35cc3b10bdd5fa96d474838a64d7c6 (diff) |
use stat to see if ~/.noident is there to avoid reimplementing a security
issue from 1988 when using open.
pointed out by deraadt@
-rw-r--r-- | usr.sbin/identd/identd.c | 20 |
1 files changed, 5 insertions, 15 deletions
diff --git a/usr.sbin/identd/identd.c b/usr.sbin/identd/identd.c
index fe639ec90d3..0f136a2a674 100644
--- a/usr.sbin/identd/identd.c
+++ b/usr.sbin/identd/identd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: identd.c,v 1.14 2013/04/23 05:39:32 dlg Exp $ */
+/* $OpenBSD: identd.c,v 1.15 2013/04/23 06:17:07 dlg Exp $ */
 /*
 * Copyright (c) 2013 David Gwynne <dlg@openbsd.org>
@@ -20,6 +20,7 @@
 #include <sys/ioctl.h>
 #include <sys/socket.h>
 #include <sys/socketvar.h>
+#include <sys/stat.h>
 #include <sys/sysctl.h>
 #include <sys/uio.h>
@@ -405,7 +406,7 @@ void
 parent_noident(struct ident_resolver *r, struct passwd *pw)
 {
 char path[MAXPATHLEN];
- int fd;
+ struct stat st;
 int rv;
 rv = snprintf(path, sizeof(path), "%s/%s", pw->pw_dir, DOTNOIDENT);
@@ -414,19 +415,8 @@ parent_noident(struct ident_resolver *r, struct passwd *pw)
 return;
 }
- fd = open(path, O_RDONLY, 0);
- if (fd == -1) {
- switch (errno) {
- case ENOENT:
- case EACCES:
- return; /* not an error */
- default:
- r->error = E_UNKNOWN;
- return;
- }
- }
-
- close(fd);
+ if (stat(path, &st) == -1)
+ return;
 r->error = E_HIDDEN;
 } |
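Review bot: In the last hunk, `if (stat(path, &st) == -1) return;` treats every stat() failure as "no ~/.noident", so an unexpected error (ELOOP or EIO, for example) now leaves r->error unset, where the removed open() path set E_UNKNOWN for anything other than ENOENT and EACCES. For an opt-out file that is a fail-open: the lookup presumably goes on to answer with the user name even though the opt-out could not be checked. Keeping the old distinction costs one check before the return, `if (errno != ENOENT && errno != EACCES) r->error = E_UNKNOWN;`. A short comment on the stat() call saying why the file is not opened (the path is under the user's control) would also keep a later cleanup from reverting to open(). parent_noident starts in the previous hunk and the lines between the two hunks are not shown.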