| Age | Commit message (Collapse) | Author |
|---|
|
constant). These are not security holes but it is worth fixing
them anyway both for robustness and so folks looking for examples
in the tree are not misled into doing something potentially dangerous.
Furthermore, it is a bad idea to assume that pathnames will not
include '%' in them and that error routines don't return strings
with '%' in them (especially in light of the possibility of locales).
|
|
diagnostic.
Issue a diagnostic message if the master.passwd file isn't specified as an
absolute path.
|
|
of elements in the hash based on master.passwd file size, assuming
an average 128bytes per entry. This is only an estimate so it doesn't
have to be exact.
|
|
|
|
|
|
When building .db versions of passwd and master.passwd, go split
the loops into three (one per key type) so that we get good locality
withing the .db file for getnext style operations (getpwent). With
this change I see about a 20% speedup of getpwent() on very large
passwd files.
|
|
|
|
|
|
|
|
|
|
passwd databases. I found this while analysing netbsd pr#1328 from
August 10, 1995 by hag@gnu.ai.mit.edu. A sample fix was supplied on
14, May 96 by greywolf@defender.VAS.viewlogic.com. The PR mentioned
about 6 or 7 places where this could happen. Greywolf and I had made
all of the fixes ourselves in openbsd a while back (except one subtle
one which he pointed out but I had missed), but not a single one of
the fixes is found in the netbsd source tree... I wonder if Perry has
an exploit for this problem, and perhaps he's using it?
Another damn good reason for making /tmp and /var seperate partitions.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
filesystem would result in gibbled passwd databases.
|
|
proper arguments
|
|
with our cross compilation/installation goals...
|
|
|
