ahill/shadow
1
0
Fork 0
mirror of https://github.com/shadow-maint/shadow.git synced 2026-01-26 14:03:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

vipw: Set correct pattern for fmkomstemp

Browse Source 
The fmkomstemp call requires a suffix of XXXXXX for correct operation.
Do so in TCB case as well.

Note: If something fails and the file resides in this directory, it
could be interpreted as a username. Use the ',' character as an illegal
character to prevent shadow tools from erroneously accessing this file
and assuming that the user actually exists.

Fixes: a5b3d56e2902 (2026-01-09; "vipw: Use fmkomstemp for temporary file")
Reported-by: Alejandro Colomar <alx@kernel.org>
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
This commit is contained in:
Tobias Stoeckmann 2026-01-14 22:58:51 +01:00 committed by Alejandro Colomar
parent f4777ac542
commit 65668fe093
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/vipw.c
View File

@ -426,7 +426,7 @@ vipwedit (const char *file, int (*file_lock) (void), int (*file_unlock) (bool))
if (stat (file, &st1) != 0) {
vipwexit (_("failed to stat edited file"), errno, 1);
}
to_rename = aprintf("%s+", file);
to_rename = aprintf("%s,XXXXXX", file);
if (to_rename == NULL)
vipwexit (_("aprintf() failed"), errno, 1);