Age | Commit message | Author |
|
fixes is from pr 5554. ok millert, ray
|
|
|
|
OK millert@.
|
|
routines.
OK millert@.
|
|
user id to userinfo works. From Alf Schlichting; ok millert@
|
|
code cannot overflow. Add error checking to protect future code
changes and to provide a better example for plagiarizers.
OK millert@.
|
|
password in argv. This doesn't solve the problem; it just reduces
the amount of time that encrypted password is available via ps.
OK deraadt@ and krw@
|
|
spotted by matthieu and miod
sorry bill, but you stopped just hacking far too long ago..
|
|
Reported and fix confirmed by Maxim Bourmistrov
|
|
|
|
example by example, we teach people how to actually use snprintf. because
it is clear (especially judging by code coming from netbsd hint hint perhaps
if i say it like this they will finally learn) that people are not paying
attention, and replacing one security problem with another.
in the early days we replaced the typical ANSI-C standardized function
buffer overflows (by which I mean strcpy, strcat, and sprintf) with
non-overflowing ones -- range checking variants. We knew we were fixing
a major problem. The damn overflows. But we did not have time in all cases
to handle the next problem we were not handling: string truncation. Now we
need to (I hope not slowly) start fixing the string truncations.
Anyone going to help?
|
|
ok deraadt@ millert@
|
|
expiry flag. Resolves PR 3792, though not by changing code, but by
changing docs, comments and an error message or two.
ok jmc@ millert@
|
|
ok deraadt@ tdeval@
|
|
+ entry. assistance from tdeval and otto. this is the first half of
pr 3727, brendan@cs.uchicago.edu
|
|
Based on a patch from Sam Smith. henning@ OK
|
|
userdel since a username may contain regexp special chars.
Fix a memory leak on error and chmod before the new group
file is moved into place instead of after.
Saner error messages in rm_user_from_groups() (cut & pastos)
OK deraadt@, tdeval@ and otto@; error message fixes courtesy of otto@
|
|
with fgets() (which does). Using fgetln() doesn't make a huge amount
of sense since passwd entries are required to be short and mustn't contain
NULs. This also fixes a bus error on sparc64 (caused by passing a pointer
to an int when a pointer to size_t was expected) found by pvalchev@.
Tested and OK pvalchev@
|
|
ok otto@
|
|
multiple '&'s. Resolves PR 3616.
ok deraadt@
|
|
up->u_flags. Fixes a coredump when changing/deleting an existing
user introduced by my recent commit here.
|
|
Peter Werner. Closes PR 2699.
|
|
o Correct some error messages
o More informative error when reading a line that is > LINE_MAX
o When saving password, only alloc space for what is used
|
|
check in useradd or usermod whether the given encrypted password
has the correct length.
Factor out time code into a function, scantime()
Perform ctype(3) operations on unsigned chars.
From NetBSD (agc)
|
|
and modification of user and group information.
Syslog priority is LOG_INFO, facility is LOG_USER (there is no need to
do this via LOG_AUTH, since the password and group files are world
readable).
From NetBSD (agc)
|
|
|
|
o remove user from supplementary groups when deleting a user and not
preserving information.
o add some const
o check that user/group is local (not YP) before trying to change it.
From NetBSD (agc)
|
|
seconds-since-epoch. From NetBSD (grant).
|
|
instead of just a warning which is consistent with the way an invalid
user is treated.
|
|
|
|
will reject such a name; from Brian Poole
|
|
|
|
void cast from pw_abort() since it is already void.
From NetBSD via Brian Poole.
|
|
|
|
the short write cases.
|
|
samba wants to create usernames that end in '$'. From Paul Chakravarti
|
|
|
|
Noticed by Brian Poole who supplied a different patch.
|
|
newline was not added. Reported by Rob Sessink, different fix by me.
|
|
o unlink /etc/group temp file if rename fails
o when doing 'cd' in a system() separate with && not ';' so we don't
do stuff in the wrong place. Much of this should just be done inline.
|
|
those found in the config file. Those on the command line should
be used in preference to the config file ranges.
Based on a patch from Brian Poole.
|
|
millert@ ok
|
|
option to change was specified. Also fix man page formatting mistake.
From Brian Poole
|
|
o fix two err() calls that should be errx()
o don't use the colonc variable in a non-obvious way
o add missing or of F_SHELL when in preserve mode
|
|
o Change "unsigned" -> "unsigned int"
o Correct a buffer size that should have been LINE_MAX
o Simplify creation of group entry in groupmod() using strlcat() and
catch errors.
Theo and myself...
|
|
ok millert@
|
|
If group file line would grow to be too long, leave it unmolested (previously
it would get removed).
Use fclose(fp) not close(fd) for a stream that was fdopen()ed. Otherwise
we could leak memory.
When calling fwrite() pass the buffer as a single element instead of
using n one-byte elements.
|
|
o use LINE_MAX for the max password entry length. This is also what
pwd_mkdb does.
o add more checks for lines that are too long
o kill some useless (and incorrect) casts
o check snprintf() return vals for sanity before use
o sync usage() with man pages
o slight KNF
o eliminate some silly uses of snprintf
|
|
|
|
|