emo/shadow
1
0
Fork 0
Code Issues Pull Requests Packages Releases Activity
shadow/libmisc
History
Samanta Navarro 812f934e77 process_prefix_flag: Drop privileges 
Using --prefix in a setuid binary is quite dangerous. An unprivileged
user could prepare a custom shadow file in home directory. During a data
race the user could exchange directories with links which could lead to
exchange of shadow file in system's /etc directory.

This could be used for local privilege escalation.

Signed-off-by: Samanta Navarro <ferivoz@riseup.net>
2023-05-18 15:36:59 +02:00
..
.indent.pro
addgrps.c
Use safer allocation macros
2023-02-23 20:28:43 -06:00
age.c
agetpass.c
Use safer allocation macros
2023-02-23 20:28:43 -06:00
alloc.c
audit_help.c
basename.c
Fix null dereference in basename
2023-03-27 10:10:37 -05:00
bit.c
btrfs.c
chkname.c
chkname.h
chowndir.c
chowntty.c
cleanup_group.c
cleanup_user.c
cleanup.c
console.c
copydir.c
Use safer allocation macros
2023-02-23 20:28:43 -06:00
csrand.c
date_to_str.c
Fix crash with large timestamps
2023-03-28 13:00:38 +02:00
entry.c
env.c
Fix use-after-free of pointer after realloc(3)
2023-02-23 20:28:43 -06:00
failure.c
failure.h
find_new_gid.c
Use safer allocation macros
2023-02-23 20:28:43 -06:00
find_new_sub_gids.c
find_new_sub_uids.c
find_new_uid.c
Use safer allocation macros
2023-02-23 20:28:43 -06:00
getdate.h
getdate.y
getgr_nam_gid.c
getrange.c
gettime.c
Use strict prototype in definition
2023-03-20 08:47:52 +01:00
hushed.c
idmapping.c
Use safer allocation macros
2023-02-23 20:28:43 -06:00
idmapping.h
isexpired.c
limits.c
list.c
Use safer allocation macros
2023-02-23 20:28:43 -06:00
log.c
loginprompt.c
login_prompt: Simplify login_prompt API
2023-05-03 07:54:28 -05:00
mail.c
Use safer allocation macros
2023-02-23 20:28:43 -06:00
Makefile.am
mempcpy.c
motd.c
myname.c
obscure.c
libmisc, man: Drop old check and advice for complex character sets in passwords
2023-04-27 09:16:08 +02:00
pam_pass_non_interactive.c
Use safer allocation macros
2023-02-23 20:28:43 -06:00
pam_pass.c
prefix_flag.c
process_prefix_flag: Drop privileges
2023-05-18 15:36:59 +02:00
pwd2spwd.c
pwd_init.c
pwdcheck.c
remove_tree.c
rlogin.c
root_flag.c
salt.c
setugid.c
setupenv.c
Remove some static char arrays
2023-05-11 11:05:29 -05:00
shell.c
stpecpy.c
stpeprintf.c
strtoday.c
sub.c
sulog.c
ttytype.c
tz.c
ulimit.c
user_busy.c
utmp.c
Simplify is_my_tty()
2023-03-28 13:00:38 +02:00
valid.c
xgetgrgid.c
xgetgrnam.c
xgetpwnam.c
xgetpwuid.c
xgetspnam.c
xgetXXbyYY.c
Use safer allocation macros
2023-02-23 20:28:43 -06:00
yesno.c
libmisc/yesno.c: Fix regression
2023-04-28 11:22:48 -05:00