ahill/shadow
1
0
Fork 0
mirror of https://github.com/shadow-maint/shadow.git synced 2026-01-26 14:03:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

vipw: Prefer fchmod/fchown over chmod/chown

Browse Source 
Use file descriptor functions when file descriptor is available, instead
of path based operations. The latter resolve symbolic links and are
prone to race conditions.

Reported-by: Alejandro Colomar <alx@kernel.org>
Reviewed-by: Alejandro Colomar <alx@kernel.org>
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
This commit is contained in:
Tobias Stoeckmann 2026-01-14 19:57:00 +01:00 committed by Alejandro Colomar
parent c745eea4a4
commit 976b7bffde
1 changed files with 8 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
src/vipw.c
View File

@ -132,16 +132,18 @@ static int create_backup_file (FILE * fp, char *backup, struct stat *sb)
unlink (backup);
return -1;
}
if (fclose (bkfp) != 0) {
unlink (backup);
return -1;
}
ub.actime = sb->st_atime;
ub.modtime = sb->st_mtime;
if ( (utime (backup, &ub) != 0)
|| (chmod (backup, sb->st_mode) != 0)
|| (chown (backup, sb->st_uid, sb->st_gid) != 0)) {
|| (fchmod(fileno(bkfp), sb->st_mode) != 0)
|| (fchown(fileno(bkfp), sb->st_uid, sb->st_gid) != 0)) {
fclose(bkfp);
unlink (backup);
return -1;
}
if (fclose (bkfp) != 0) {
unlink (backup);
return -1;
}