From a07a76165353393309d67a8c8dd64233f5777a87 Mon Sep 17 00:00:00 2001 From: Anders Kaseorg Date: Sun, 18 Oct 2009 03:01:45 -0400 Subject: [PATCH] Disallow numeric nonlocal user/group names that look like local uid/gids. MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit This prevents nonlocal users and groups from disturbing a command like ‘chown 0:0 file’. Signed-off-by: Anders Kaseorg --- nonlocal-group.c | 13 +++++++++++++ nonlocal-passwd.c | 13 +++++++++++++ 2 files changed, 26 insertions(+) diff --git a/nonlocal-group.c b/nonlocal-group.c index af422dd..074fc4e 100644 --- a/nonlocal-group.c +++ b/nonlocal-group.c @@ -129,6 +129,19 @@ check_nonlocal_gid(const char *user, gid_t gid, int *errnop) enum nss_status check_nonlocal_group(const char *user, struct group *grp, int *errnop) { + enum nss_status status = NSS_STATUS_SUCCESS; + int old_errno = errno; + char *end; + unsigned long gid; + + errno = 0; + gid = strtoul(grp->gr_name, &end, 10); + if (errno == 0 && *end == '\0' && (gid_t)gid == gid) + status = check_nonlocal_gid(user, gid, errnop); + errno = old_errno; + if (status != NSS_STATUS_SUCCESS) + return status; + return check_nonlocal_gid(user, grp->gr_gid, errnop); } diff --git a/nonlocal-passwd.c b/nonlocal-passwd.c index ffd5375..0d71fe3 100644 --- a/nonlocal-passwd.c +++ b/nonlocal-passwd.c @@ -127,6 +127,19 @@ check_nonlocal_uid(const char *user, uid_t uid, int *errnop) enum nss_status check_nonlocal_passwd(const char *user, struct passwd *pwd, int *errnop) { + enum nss_status status = NSS_STATUS_SUCCESS; + int old_errno = errno; + char *end; + unsigned long uid; + + errno = 0; + uid = strtoul(pwd->pw_name, &end, 10); + if (errno == 0 && *end == '\0' && (uid_t)uid == uid) + status = check_nonlocal_uid(user, uid, errnop); + errno = old_errno; + if (status != NSS_STATUS_SUCCESS) + return status; + return check_nonlocal_uid(user, pwd->pw_uid, errnop); } -- 2.45.0