diff options
| author | Ted Unangst <tedu@cvs.openbsd.org> | 2016-05-07 21:52:30 +0000 |
|---|---|---|
| committer | Ted Unangst <tedu@cvs.openbsd.org> | 2016-05-07 21:52:30 +0000 |
| commit | 6c85af82ed10dbfaa907d3805e7873b49d437318 (patch) | |
| tree | e8aeb41eac16c51762304221e5a787104585ec12 /lib/libc/gen | |
| parent | e489ed5598ae04e39880337352fcaf1737649a63 (diff) | |
stop opening the shadow database by default. only programs that request it
via the _shadow functions will open now, preventing some programs running
as root from accidentally loading password hashes it into their memory.
ok deraadt
Diffstat (limited to 'lib/libc/gen')
| -rw-r--r-- | lib/libc/gen/getpwent.c | 8 |
1 files changed, 3 insertions, 5 deletions
diff --git a/lib/libc/gen/getpwent.c b/lib/libc/gen/getpwent.c index cfd0d2e4f98..453e82d9169 100644 --- a/lib/libc/gen/getpwent.c +++ b/lib/libc/gen/getpwent.c @@ -1,4 +1,4 @@ -/* $OpenBSD: getpwent.c,v 1.60 2015/12/28 22:08:18 mmcc Exp $ */ +/* $OpenBSD: getpwent.c,v 1.61 2016/05/07 21:52:29 tedu Exp $ */ /* * Copyright (c) 2008 Theo de Raadt * Copyright (c) 1988, 1993 @@ -743,8 +743,7 @@ int getpwnam_r(const char *name, struct passwd *pw, char *buf, size_t buflen, struct passwd **pwretp) { - /* XXX shadow should be 0 XXX */ - return getpwnam_internal(name, pw, buf, buflen, pwretp, 1); + return getpwnam_internal(name, pw, buf, buflen, pwretp, 0); } DEF_WEAK(getpwnam_r); @@ -828,8 +827,7 @@ int getpwuid_r(uid_t uid, struct passwd *pw, char *buf, size_t buflen, struct passwd **pwretp) { - /* XXX shadow should be 0 XXX */ - return getpwuid_internal(uid, pw, buf, buflen, pwretp, 1); + return getpwuid_internal(uid, pw, buf, buflen, pwretp, 0); } DEF_WEAK(getpwuid_r); |