Age | Commit message (Collapse) | Author | |
---|---|---|---|
2007-08-02 | catch a few truncation cases instead of silently ignoring them. one of the | Theo de Raadt | |
fixes is from pr 5554. ok millert, ray | |||
2007-05-31 | convert to new .Dd format; | Jason McIntyre | |
2007-04-05 | remove some extra tests, from charles longeau | Ted Unangst | |
2007-03-02 | Check if group exists before checking if group is local. | Ray Lai | |
OK millert@. | |||
2007-03-02 | Replace regex(3) routines with simple string searching and comparison | Ray Lai | |
routines. OK millert@. | |||
2007-02-21 | put -L and -G in the right place; | Jason McIntyre | |
2007-02-21 | put -G in the right place; from Igor Sobrado | Jason McIntyre | |
2007-02-06 | fix some dodgy displays; | Jason McIntyre | |
2007-02-06 | discuss consistently "the Epoch"; | Jason McIntyre | |
2007-01-12 | Compare against the username, so listing groups when given a numeric | Otto Moerbeek | |
user id to userinfo works. From Alf Schlichting; ok millert@ | |||
2006-12-20 | Fix potential buffer overread in function, even though the current | Ray Lai | |
code cannot overflow. Add error checking to protect future code changes and to provide a better example for plagiarizers. OK millert@. | |||
2005-12-31 | Make useradd -p slightly less dangerous by overwriting the encrypted | Todd C. Miller | |
password in argv. This doesn't solve the problem; it just reduces the amount of time that encrypted password is available via ps. OK deraadt@ and krw@ | |||
2005-08-27 | change default user shell to ksh as well. | Theo de Raadt | |
spotted by matthieu and miod sorry bill, but you stopped just hacking far too long ago.. | |||
2005-07-08 | Don't mistakenly match groups with partial name matches in "usermod -G". | Todd C. Miller | |
Reported and fix confirmed by Maxim Bourmistrov | |||
2005-04-15 | fix snprintf return value check. ok otto@ millert@ | Moritz Jodeit | |
2005-04-13 | very unlikely overflow. but sticking to the idiom is important: thereby, | Theo de Raadt | |
example by example, we teach people how to actually use snprintf. because it is clear (especially judging by code coming from netbsd hint hint perhaps if i say it like this they will finally learn) that people are not paying attention, and replacing one security problem with another. in the early days we replaced buffer the typical ANSI-C standardized function buffer overflows (by which I mean strcpy, strcat, and sprintf) with non-overflowing ones -- range checking varients. We knew we were fixing a major problem. The damn overflows. But we did not have time in all cases to handle the next problem we were not handling: string truncation. Now we need to (I hope not slowly) start fixing the string truncations. Anyone going to help? | |||
2004-09-30 | If the yp marker is in the file, add new users before it. PR 3727. | Otto Moerbeek | |
ok deraadt@ millert@ | |||
2004-06-26 | should have updated all of these first - the same wordo in them all. | Jason McIntyre | |
also, section order for usermgmt.conf.5 was wrong. | |||
2004-06-26 | wordo; | Jason McIntyre | |
2004-06-14 | Document where we diverge from other implementations (due to different | Todd C. Miller | |
fields in passwd(5)). OK otto@ a while ago. | |||
2004-06-06 | clean some lists and displays; | Jason McIntyre | |
2004-06-04 | Clear up some confusion: -e is account expiry flag, -f is password | Otto Moerbeek | |
expiry flag. Resolves PR 3792, though not by changing code, but by changing docs, comments and an error message or two. ok jmc@ millert@ | |||
2004-05-10 | Check return value of fclose() calls after writing. | Otto Moerbeek | |
ok deraadt@ tdeval@ | |||
2004-05-10 | when adding a new group to /etc/groups, place it just before the first | Theo de Raadt | |
+ entry. assistance from tdeval and otto. this is the first half of pr 3727, brendan@cs.uchicago.edu | |||
2004-04-19 | Don't complain when the /nonexistent homedir does not exist. | Todd C. Miller | |
Based on a patch from Sam Smith. henning@ OK | |||
2004-02-26 | Avoid using regexp when removing a user from /etc/group entries in | Todd C. Miller | |
userdel since a username may contain regexp special chars. Fix a memory leak on error and chmod before moving the new group file is moved into place instead of after. Saner error messages in rm_user_from_groups() (cut & pastos) OK deraadt@, tdeval@ and otto@; error message fixes courtesy of otto@ | |||
2004-01-03 | Replace bogus use of fgetln() (which doesn't NUL-terminate strings) | Todd C. Miller | |
with fgets() (which does). Using fgetln() doesn't make a huge amount of sense since passwd entries are required to be short and mustn't contain NULs. This also fixes a bus error on sparc64 (caused by passing a pointer to an int when a pointer to size_t was expected) found by pvalchev@. Tested and OK pvalchev@ | |||
2003-12-25 | Fix multi-line string | Alexander Yurchenko | |
ok otto@ | |||
2003-12-24 | Fix bound checks for gecos field, taking into account it may contain | Otto Moerbeek | |
multiple '&'s. Resolves PR 3616. ok deraadt@ | |||
2003-12-22 | use .Fl for flag; | Jason McIntyre | |
from Franciszek Holop; | |||
2003-09-04 | clarify that user's full name (not username) generally goes in GECOS; | Jason McIntyre | |
from Jeff Ross. | |||
2003-06-15 | small mdoc fixes; | Jason McIntyre | |
ok millert@ | |||
2003-06-14 | For moduser(), only do valid_class() check when F_CLASS is set in | Todd C. Miller | |
up->u_flags. Fixes a coredump when changing/deleting an existing user introduced by my recent commit here. | |||
2003-06-10 | Check that login class exists before using it; based on a patch from | Todd C. Miller | |
Peter Werner. Closes PR 2699. | |||
2003-06-10 | o Check for fwrite() error with != 1, not <= 0 (mostly style) | Todd C. Miller | |
o Correct some error messages o More informative error when reading a line that is > LINE_MAX o When saving password, only alloc space for what is used | |||
2003-06-10 | Keep a table of password types, and their associated lengths, and | Todd C. Miller | |
check in useradd or usermod whether the given encrypted password has the correct length. Factor out time code into a function, scantime() Perform ctype(3) operations on unsigned chars. From NetBSD (agc) | |||
2003-06-10 | Use syslog(3) to log new users and groups, deletions of users and groups, | Todd C. Miller | |
and modification of user and group information. Syslog priority is LOG_INFO, facility is LOG_USER (there is no need to do this via LOG_AUTH, since the password and group files are world readable). From NetBSD (agc) | |||
2003-06-10 | Catch illegal flags and reply with usage; from NetBSD (agc) | Todd C. Miller | |
2003-06-10 | o rename login variable to login_name | Todd C. Miller | |
o remove user from supplementary groups when deleting a user and not preserving information. o add some const o check that user/group is local (not YP) before trying to change it. From NetBSD (agc) | |||
2003-06-08 | Sync man pages w/ NetBSD version | Todd C. Miller | |
2003-06-08 | Add usermgmt.conf man page. From NetBSD (grant) | Todd C. Miller | |
2003-06-08 | user -e and -f now accepts "month day year" (ala chpass(1)) and | Todd C. Miller | |
seconds-since-epoch. From NetBSD (grant). | |||
2003-06-08 | Make c_word const; from NetBSD (tron) | Todd C. Miller | |
2003-06-08 | Add check for group too long and made an invalid group a fatal error | Todd C. Miller | |
instead of just a warning which is consistent with the way an invalid user is treated. | |||
2003-06-08 | Use _PW_NAME_LEN not MAXLOGNAME since the latter does not include the NUL. | Todd C. Miller | |
2003-05-14 | Mention that without a password being specified, the account is disabled | Jason Peel | |
by default. Idea from Ross.Richardson@utas.edu.au, discussed with millert@; closes PR 3257. | |||
2003-05-13 | Don't allow usernames to begin with a dash since pwd_mkdb(8) | Todd C. Miller | |
will reject such a name; from Brian Poole | |||
2003-04-03 | The check for whether or not a group is empty was busted. Closes PR 3178. | Todd C. Miller | |
2003-03-11 | groupmod modifies groups, it doesn't add them | Ted Unangst | |
ok millert@ | |||
2003-02-14 | typos; | Jason McIntyre | |
tftpd(8): tweak and ok millert@ tokenadm(8): tweak and ok millert@ |