VesperOS/shadow
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Adding checks for fd omission

Browse Source 
Adding function check_fds to new file fd.c. The function check_fds
should be called in every setuid/setgid program.

Co-developed-by: Alejandro Colomar <alx@kernel.org>
This commit is contained in:
Skyler Ferrante
2024-03-08 12:53:21 -05:00
committed by Serge Hallyn
parent b76fc2947f
commit d2f2c1877a
11 changed files with 63 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
src/chage.c
View File

@@ -768,13 +768,12 @@ int main (int argc, char **argv)
gid_t rgid;
const struct passwd *pw;
/*
* Get the program name so that error messages can use it.
*/
sanitize_env ();
check_fds ();
log_set_progname(Prog);
log_set_logfd(stderr);
sanitize_env ();
(void) setlocale (LC_ALL, "");
(void) bindtextdomain (PACKAGE, LOCALEDIR);
(void) textdomain (PACKAGE);

4
src/chfn.c
View File

@@ -620,10 +620,12 @@ int main (int argc, char **argv)
char *user;
const struct passwd *pw;
sanitize_env ();
check_fds ();
log_set_progname(Prog);
log_set_logfd(stderr);
sanitize_env ();
(void) setlocale (LC_ALL, "");
(void) bindtextdomain (PACKAGE, LOCALEDIR);
(void) textdomain (PACKAGE);

1
src/chsh.c
View File

@@ -472,6 +472,7 @@ int main (int argc, char **argv)
const struct passwd *pw; /* Password entry from /etc/passwd */
sanitize_env ();
check_fds ();
log_set_progname(Prog);
log_set_logfd(stderr);

5
src/expiry.c
View File

@@ -125,11 +125,12 @@ int main (int argc, char **argv)
struct passwd *pwd;
struct spwd *spwd;
sanitize_env ();
check_fds ();
log_set_progname(Prog);
log_set_logfd(stderr);
sanitize_env ();
/*
* Start by disabling all of the keyboard signals.
*/

2
src/gpasswd.c
View File

@@ -930,6 +930,8 @@ int main (int argc, char **argv)
#endif
sanitize_env ();
check_fds ();
(void) setlocale (LC_ALL, "");
(void) bindtextdomain (PACKAGE, LOCALEDIR);
(void) textdomain (PACKAGE);

3
src/newgrp.c
View File

@@ -390,6 +390,9 @@ int main (int argc, char **argv)
#ifdef WITH_AUDIT
audit_help_open ();
#endif
check_fds ();
(void) setlocale (LC_ALL, "");
(void) bindtextdomain (PACKAGE, LOCALEDIR);
(void) textdomain (PACKAGE);

1
src/passwd.c
View File

@@ -728,6 +728,7 @@ int main (int argc, char **argv)
const struct spwd *sp; /* Shadow file entry for user */
sanitize_env ();
check_fds ();
log_set_progname(Prog);
log_set_logfd(stderr);

2
src/su.c
View File

@@ -1007,6 +1007,8 @@ int main (int argc, char **argv)
int ret;
#endif /* USE_PAM */
check_fds ();
(void) setlocale (LC_ALL, "");
(void) bindtextdomain (PACKAGE, LOCALEDIR);
(void) textdomain (PACKAGE);