Browse Source

Use O_EXLOCK option of open(2) to open /etc/ptmp with an exclusive

lock.  This fixes a DOS bug where a user could run passwd(1) and
send it a SIGKILL, thus leaving /etc/ptmp in place.
OPENBSD_2_2
millert 27 years ago
parent
commit
b46ec22f4b
2 changed files with 10 additions and 7 deletions
  1. +5
    -5
      src/lib/libutil/passwd.c
  2. +5
    -2
      src/lib/libutil/pw_lock.3

+ 5
- 5
src/lib/libutil/passwd.c View File

@ -1,4 +1,4 @@
/* $OpenBSD: passwd.c,v 1.10 1997/06/17 10:10:42 niklas Exp $ */
/* $OpenBSD: passwd.c,v 1.11 1997/06/22 23:57:23 millert Exp $ */
/*
* Copyright (c) 1987, 1993, 1994, 1995
@ -34,7 +34,7 @@
*/
#if defined(LIBC_SCCS) && !defined(lint)
static char rcsid[] = "$OpenBSD: passwd.c,v 1.10 1997/06/17 10:10:42 niklas Exp $";
static char rcsid[] = "$OpenBSD: passwd.c,v 1.11 1997/06/22 23:57:23 millert Exp $";
#endif /* LIBC_SCCS and not lint */
#include <sys/types.h>
@ -252,10 +252,10 @@ pw_lock(retries)
return (-1);
/* Acquire the lock file. */
old_mode = umask(0);
fd = open(pw_lck, O_WRONLY|O_CREAT|O_EXCL, 0600);
for (i = 0; i < retries && fd < 0 && errno == EEXIST; i++) {
fd = open(pw_lck, O_WRONLY|O_CREAT|O_TRUNC|O_NONBLOCK|O_EXLOCK, 0600);
for (i = 0; i < retries && fd < 0 && errno == EAGAIN; i++) {
sleep(1);
fd = open(pw_lck, O_WRONLY|O_CREAT|O_EXCL, 0600);
fd = open(pw_lck, O_WRONLY|O_CREAT|O_TRUNC|O_NONBLOCK|O_EXLOCK, 0600);
}
umask(old_mode);
return (fd);


+ 5
- 2
src/lib/libutil/pw_lock.3 View File

@ -60,8 +60,10 @@ functions allow a program to update the system passwd database.
The
.Fn pw_lock
function attempts to lock the passwd database by creating the file
.Pa /etc/ptmp ,
and returns the file descriptor of that file. If
.Pa /etc/ptmp
with an exclusive lock (using
.Xr flock 2
semantics) and returns the file descriptor of that file. If
.Fa retries
is greater than zero,
.Fn pw_lock
@ -102,4 +104,5 @@ functions return -1 if they are unable to complete properly.
.It Pa /etc/ptmp
.El
.Sh SEE ALSO
.Xr flock 2 ,
.Xr pw_init 3

Loading…
Cancel
Save