summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorTodd C. Miller <millert@cvs.openbsd.org>1997-06-22 23:57:24 +0000
committerTodd C. Miller <millert@cvs.openbsd.org>1997-06-22 23:57:24 +0000
commitf59b2daf2885b6bba8bbd41dd0cde389f07f1a96 (patch)
tree76ced81b653181762f0ee6d521b68762a73f4a72 /lib
parent94ae4e2289dfc87ef067f8411c15861609600c11 (diff)
Use O_EXLOCK option of open(2) to open /etc/ptmp with an exclusive
lock. This fixes a DOS bug where a user could run passwd(1) and send it a SIGKILL, thus leaving /etc/ptmp in place.
Diffstat (limited to 'lib')
-rw-r--r--lib/libutil/passwd.c10
-rw-r--r--lib/libutil/pw_lock.37
2 files changed, 10 insertions, 7 deletions
diff --git a/lib/libutil/passwd.c b/lib/libutil/passwd.c
index 91f15e624e4..4481a28abc3 100644
--- a/lib/libutil/passwd.c
+++ b/lib/libutil/passwd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: passwd.c,v 1.10 1997/06/17 10:10:42 niklas Exp $ */
+/* $OpenBSD: passwd.c,v 1.11 1997/06/22 23:57:23 millert Exp $ */
/*
* Copyright (c) 1987, 1993, 1994, 1995
@@ -34,7 +34,7 @@
*/
#if defined(LIBC_SCCS) && !defined(lint)
-static char rcsid[] = "$OpenBSD: passwd.c,v 1.10 1997/06/17 10:10:42 niklas Exp $";
+static char rcsid[] = "$OpenBSD: passwd.c,v 1.11 1997/06/22 23:57:23 millert Exp $";
#endif /* LIBC_SCCS and not lint */
#include <sys/types.h>
@@ -252,10 +252,10 @@ pw_lock(retries)
return (-1);
/* Acquire the lock file. */
old_mode = umask(0);
- fd = open(pw_lck, O_WRONLY|O_CREAT|O_EXCL, 0600);
- for (i = 0; i < retries && fd < 0 && errno == EEXIST; i++) {
+ fd = open(pw_lck, O_WRONLY|O_CREAT|O_TRUNC|O_NONBLOCK|O_EXLOCK, 0600);
+ for (i = 0; i < retries && fd < 0 && errno == EAGAIN; i++) {
sleep(1);
- fd = open(pw_lck, O_WRONLY|O_CREAT|O_EXCL, 0600);
+ fd = open(pw_lck, O_WRONLY|O_CREAT|O_TRUNC|O_NONBLOCK|O_EXLOCK, 0600);
}
umask(old_mode);
return (fd);
diff --git a/lib/libutil/pw_lock.3 b/lib/libutil/pw_lock.3
index b5791af817c..f5fed6157d4 100644
--- a/lib/libutil/pw_lock.3
+++ b/lib/libutil/pw_lock.3
@@ -60,8 +60,10 @@ functions allow a program to update the system passwd database.
The
.Fn pw_lock
function attempts to lock the passwd database by creating the file
-.Pa /etc/ptmp ,
-and returns the file descriptor of that file. If
+.Pa /etc/ptmp
+with an exclusive lock (using
+.Xr flock 2
+semantics) and returns the file descriptor of that file. If
.Fa retries
is greater than zero,
.Fn pw_lock
@@ -102,4 +104,5 @@ functions return -1 if they are unable to complete properly.
.It Pa /etc/ptmp
.El
.Sh SEE ALSO
+.Xr flock 2 ,
.Xr pw_init 3