diff options
author | Todd C. Miller <millert@cvs.openbsd.org> | 2005-12-31 19:20:50 +0000 |
---|---|---|
committer | Todd C. Miller <millert@cvs.openbsd.org> | 2005-12-31 19:20:50 +0000 |
commit | 87b9e3f482bc0d85c8dc0c622fbb4b3b48d834dd (patch) | |
tree | 566fc7a9f495bcd1a76f3f2dc8501b8fce361ef5 | |
parent | 8986d141de0848cfb02d17c70733055ce5c29cc0 (diff) |
Make useradd -p slightly less dangerous by overwriting the encrypted
password in argv. This doesn't solve the problem; it just reduces
the amount of time that encrypted password is available via ps.
OK deraadt@ and krw@
-rw-r--r-- | usr.sbin/user/user.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/usr.sbin/user/user.c b/usr.sbin/user/user.c index b740fdd24ce..a18e76eb297 100644 --- a/usr.sbin/user/user.c +++ b/usr.sbin/user/user.c @@ -1,4 +1,4 @@ -/* $OpenBSD: user.c,v 1.65 2005/08/27 23:12:36 deraadt Exp $ */ +/* $OpenBSD: user.c,v 1.66 2005/12/31 19:20:49 millert Exp $ */ /* $NetBSD: user.c,v 1.69 2003/04/14 17:40:07 agc Exp $ */ /* @@ -1693,6 +1693,7 @@ useradd(int argc, char **argv) #ifdef EXTENSIONS case 'p': memsave(&u.u_password, optarg, strlen(optarg)); + memset(optarg, 'X', strlen(optarg)); break; #endif #ifdef EXTENSIONS @@ -1825,6 +1826,7 @@ usermod(int argc, char **argv) #ifdef EXTENSIONS case 'p': memsave(&u.u_password, optarg, strlen(optarg)); + memset(optarg, 'X', strlen(optarg)); u.u_flags |= F_PASSWORD; break; #endif |