shadow/contrib
Alejandro Colomar 0336454503 adduser-old.c: Remove program
This program has 10 calls to gets(3) according to grep(1).  That
makes it a very unsafe program which should not be used at all.
Let's kill the program already.

See what gets(3) has to say:

SYNOPSIS
       #include <stdio.h>

       [[deprecated]] char *gets(char *s);

DESCRIPTION
       Never use this function.

       ...

BUGS
       Never use gets().  Because it is impossible to tell with‐
       out knowing the  data  in  advance  how  many  characters
       gets()  will  read,  and  because gets() will continue to
       store characters past the end of the buffer,  it  is  ex‐
       tremely dangerous to use.  It has been used to break com‐
       puter security.  Use fgets() instead.

       For more information, see CWE‐242 (aka "Use of Inherently
       Dangerous Function") at http://cwe.mitre.org/data/defini‐
       tions/242.html

Acked-by: "Serge E. Hallyn" <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
2022-10-17 09:06:08 -05:00
..
adduser2.sh spelling: default 2017-10-22 18:34:35 +00:00
adduser.c spelling: thanks 2017-10-22 21:24:49 +00:00
adduser.sh [svn-upgrade] Integrating new upstream version, shadow (19990709) 2007-10-07 11:44:02 +00:00
atudel Update licensing info 2021-12-23 19:36:50 -06:00
groupmems.shar Update licensing info 2021-12-23 19:36:50 -06:00
Makefile.am adduser-old.c: Remove program 2022-10-17 09:06:08 -05:00
pwdauth.c Added the subversion svn:keywords property (Id) for proper identification. 2007-11-10 23:46:11 +00:00
README [svn-upgrade] Integrating new upstream version, shadow (19990709) 2007-10-07 11:44:02 +00:00
shadow-anonftp.patch spelling: anonymous 2017-10-22 07:56:49 +00:00
udbachk.tgz [svn-upgrade] Integrating new upstream version, shadow (20001012) 2007-10-07 11:44:38 +00:00

People keep sending various adduser programs and scripts...  They are
all in this directory.  I haven't tested them, use at your own risk.
Anyway, the best one I've seen so far is adduser-3.x from Debian.

atudel is a perl script to remove at jobs owned by the specified user
(atrm in at-2.9 for Linux can't do that).

udbachk.tgz is a passwd/group/shadow file integrity checker.

--marekm