About passwd, deluser and delgroup
Rob Landley
rob at landley.net
Thu Apr 6 14:28:33 UTC 2006
On Wednesday 05 April 2006 3:09 am, Tito wrote:
> Hi Rob,
>
> I was thinking about the fact if it would be possible to
> reuse these functions (maybe with some minor modifications)
>
> static int update_passwd(const struct passwd *pw)
> static int update_passwd_file(FILE *fp, const char *dest, const char
> *username)
>
> of your pending passwd rewrite to be used also
> by deluser and delgroup.
> In this case they could be moved to libbb and
> the behaviour of all applets writing to password files would be
> consistent and more secure.
>
> BTW, by looking at the cleaned up versions of adduser
> and addgroup it seems to me that they open the password
They weren't that cleaned up. And it turns out it wasn't all the files I've
touched (didn't think so). At the first deleted file that's still under
source control, sed stops with an error. And I've deleted a lot of files.
And I'm maybe half done at this point...
> files in an insecure way.
> What would happen if two
> programs try to write to the file
> at the same time?
If the new file is a constant filename (which is not a security problem
if /etc isn't world writeable) then O_EXCL should fail if it already exists.
The theory is to create a new version and then atomic rename it over the old
one. (The backup is done via a hard link first, so the old one should remain
unmodified. No need to actually copy the data and set the date and all
that.)
// Create new file, as one atomic operation with the right permissions and
// ownership because doing chmod or chown after create opens a race.
if ((out_fd = bb_xopen(dest, O_CREAT|O_EXCL,
ENABLE_FEATURE_SHADOWPASSWDS ? 0600 : 0644)) < 0) return 0;
I've pondered putting in some kind of recovery code there (check to see if the
date on the file that exists is more than X seconds in the past, and delete
it if so), but I haven't convinced myself it's worth the bytes. Still
working on it, slowly, in the background...
Rob
--
Never bet against the cheap plastic solution.
More information about the busybox
mailing list