diff options
| author | Todd C. Miller <millert@cvs.openbsd.org> | 1997-06-22 23:57:24 +0000 |
|---|---|---|
| committer | Todd C. Miller <millert@cvs.openbsd.org> | 1997-06-22 23:57:24 +0000 |
| commit | f59b2daf2885b6bba8bbd41dd0cde389f07f1a96 (patch) | |
| tree | 76ced81b653181762f0ee6d521b68762a73f4a72 /lib/libutil | |
| parent | 94ae4e2289dfc87ef067f8411c15861609600c11 (diff) | |
Use O_EXLOCK option of open(2) to open /etc/ptmp with an exclusive
lock. This fixes a DOS bug where a user could run passwd(1) and
send it a SIGKILL, thus leaving /etc/ptmp in place.
Diffstat (limited to 'lib/libutil')
| -rw-r--r-- | lib/libutil/passwd.c | 10 | ||||
| -rw-r--r-- | lib/libutil/pw_lock.3 | 7 |
2 files changed, 10 insertions, 7 deletions
diff --git a/lib/libutil/passwd.c b/lib/libutil/passwd.c index 91f15e624e4..4481a28abc3 100644 --- a/lib/libutil/passwd.c +++ b/lib/libutil/passwd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: passwd.c,v 1.10 1997/06/17 10:10:42 niklas Exp $ */ +/* $OpenBSD: passwd.c,v 1.11 1997/06/22 23:57:23 millert Exp $ */ /* * Copyright (c) 1987, 1993, 1994, 1995 @@ -34,7 +34,7 @@ */ #if defined(LIBC_SCCS) && !defined(lint) -static char rcsid[] = "$OpenBSD: passwd.c,v 1.10 1997/06/17 10:10:42 niklas Exp $"; +static char rcsid[] = "$OpenBSD: passwd.c,v 1.11 1997/06/22 23:57:23 millert Exp $"; #endif /* LIBC_SCCS and not lint */ #include <sys/types.h> @@ -252,10 +252,10 @@ pw_lock(retries) return (-1); /* Acquire the lock file. */ old_mode = umask(0); - fd = open(pw_lck, O_WRONLY|O_CREAT|O_EXCL, 0600); - for (i = 0; i < retries && fd < 0 && errno == EEXIST; i++) { + fd = open(pw_lck, O_WRONLY|O_CREAT|O_TRUNC|O_NONBLOCK|O_EXLOCK, 0600); + for (i = 0; i < retries && fd < 0 && errno == EAGAIN; i++) { sleep(1); - fd = open(pw_lck, O_WRONLY|O_CREAT|O_EXCL, 0600); + fd = open(pw_lck, O_WRONLY|O_CREAT|O_TRUNC|O_NONBLOCK|O_EXLOCK, 0600); } umask(old_mode); return (fd); diff --git a/lib/libutil/pw_lock.3 b/lib/libutil/pw_lock.3 index b5791af817c..f5fed6157d4 100644 --- a/lib/libutil/pw_lock.3 +++ b/lib/libutil/pw_lock.3 @@ -60,8 +60,10 @@ functions allow a program to update the system passwd database. The .Fn pw_lock function attempts to lock the passwd database by creating the file -.Pa /etc/ptmp , -and returns the file descriptor of that file. If +.Pa /etc/ptmp +with an exclusive lock (using +.Xr flock 2 +semantics) and returns the file descriptor of that file. If .Fa retries is greater than zero, .Fn pw_lock @@ -102,4 +104,5 @@ functions return -1 if they are unable to complete properly. .It Pa /etc/ptmp .El .Sh SEE ALSO +.Xr flock 2 , .Xr pw_init 3 |