25899fefb0
- unlock also passwords locked with passwd -l - prevent breaking user entry by entering a password containing colon - fix possible DoS when locking the database files for update - properly use login.defs from the chroot in useradd
15 lines
600 B
Diff
15 lines
600 B
Diff
diff -up shadow-4.2.1/lib/commonio.c.no-lock-dos shadow-4.2.1/lib/commonio.c
|
|
--- shadow-4.2.1/lib/commonio.c.no-lock-dos 2015-08-27 15:09:17.101537812 +0200
|
|
+++ shadow-4.2.1/lib/commonio.c 2015-08-27 15:11:06.643011248 +0200
|
|
@@ -140,7 +140,10 @@ static int do_lock_file (const char *fil
|
|
int retval;
|
|
char buf[32];
|
|
|
|
- fd = open (file, O_CREAT | O_EXCL | O_WRONLY, 0600);
|
|
+ /* We depend here on the fact, that the file name is pid-specific.
|
|
+ * So no O_EXCL here and no DoS.
|
|
+ */
|
|
+ fd = open (file, O_CREAT | O_TRUNC | O_WRONLY, 0600);
|
|
if (-1 == fd) {
|
|
if (log) {
|
|
(void) fprintf (stderr,
|