Commit Graph

85 Commits

Author SHA1 Message Date
tls
4147a3c54a Add new Makefile knob, USE_FORT, which extends USE_SSP by turning on the
FORTIFY_SOURCE feature of libssp, thus checking the size of arguments to
various string and memory copy and set functions (as well as a few system
calls and other miscellany) where known at function entry.  RedHat has
evidently built all "core system packages" with this option for some time.

This option should be used at the top of Makefiles (or Makefile.inc where
this is used for subdirectories) but after any setting of LIB.

This is only useful for userland code, and cannot be used in libc or in
any code which includes the libc internals, because it overrides certain
libc functions with macros.  Some effort has been made to make USE_FORT=yes
work correctly for a full-system build by having the bsd.sys.mk logic
disable the feature where it should not be used (libc, libssp iteself,
the kernel) but no attempt has been made to build the entire system with
USE_FORT and doing so will doubtless expose numerous bugs and misfeatures.

Adjust the system build so that all programs and libraries that are setuid,
directly handle network data (including serial comm data), perform
authentication, or appear likely to have (or have a history of having)
data-driven bugs (e.g. file(1)) are built with USE_FORT=yes by default,
with the exception of libc, which cannot use USE_FORT and thus uses
only USE_SSP by default.  Tested on i386 with no ill results; USE_FORT=no
per-directory or in a system build will disable if desired.
2007-05-28 12:06:17 +00:00
hubertf
4c60e998e1 pw_lock(3): ``You should finish writing to and close the file descriptor
returned by pw_lock() before calling pw_mkdb().'' While there, also
close another open file descriptor that's no longer used.

Patch from Slava Semushin <slava.semushin@gmail.com>, tested by me.
2007-02-21 20:32:10 +00:00
elad
925c6f17f2 PR/29722: Andreas Kling: chpass temporary files in /etc not always unlinked
We had a (long) discussion about this in #NetBSD-code and the consensus was
that /tmp should always be sticky (+t), and as such it is safe to create
the temporary files for chpass(1) in there. We added a check to guarantee
this (and bail out otherwise) and now temporary files are created in /tmp,
not filling up /etc.

Thanks to rivo nurges et al.
2006-10-07 20:09:09 +00:00
hubertf
105b456cb7 Mention pwhash(1) in a few places,
suggested in PR 31125 by Stefan Schumacher.
2005-09-05 03:37:14 +00:00
lukem
8573d5e23d appease gcc -Wuninitialized 2005-06-02 01:42:11 +00:00
lukem
903f12a55a Ensure yflag is initialized before trying to use it.
Detected with gcc -Wuninitialized.
2005-06-02 01:41:38 +00:00
xtraeme
971b39df9c Kill __P(), use ANSI function declarations. 2005-02-17 16:53:45 +00:00
dsl
3145a29f62 Add (unsigned char) cast to ctype functions 2004-10-30 17:08:12 +00:00
agc
89aaa1bb64 Move UCB-licensed code from 4-clause to 3-clause licence.
Patches provided by Joel Baker in PR 22365, verified by myself.
2003-08-07 11:13:06 +00:00
lukem
3839e0f0c0 use CPPFLAGS.getpwent.c=... to set file-specific cpp flags 2003-07-22 12:25:57 +00:00
bouyer
726dca87dc Build custom getpwent.o only if USE_YP==no. Otherwise, chpass will not
get the current passwd entry from NIS. Problem reported by Stephen M. Jone
on tech-net.
2003-04-05 20:32:26 +00:00
wiz
8653efef97 Describe class field correctly. Addresses PR 20370 by Pavel Cahyna. 2003-02-16 16:18:23 +00:00
christos
16c1b99bf8 Open the file with O_NOFOLLOW, and only use if it still has one link (from
OpenBSD)
2003-02-03 17:45:20 +00:00
itojun
5f2d0b666f error handling on strdup failure 2002-11-16 15:59:26 +00:00
grant
b8836fd1a4 New sentence, new line. Some mdoc cleanup. 2002-09-30 09:33:39 +00:00
lukem
5d4973fe97 makefile delint. use NETBSDSRCDIR as appropriate 2002-09-18 14:00:33 +00:00
enami
ec0349cba1 Make this compiles again when compiled without YP.
From Makoto Fujiwara in private mail.
2002-08-16 01:06:28 +00:00
enami
809178f723 Don't leave temporary file on abnormal exit (like, interrupted by user).
Minor cosmetic chagnes while I'm here.
2002-08-08 04:49:26 +00:00
soren
f2ad80d37a Mentions options -l and -y as in passwd.1.
PR misc/14574 from Hiramatsu Yoshifumi.
2002-08-07 23:20:29 +00:00
itojun
f51456c273 err/errx/warn/warnx do not need \n at the end 2002-06-11 06:06:18 +00:00
simonb
0330994f83 Fix warnings found by gcc-current with alpha target:
There's no use assigning the output of strtoul() to a 32-bit variable
then checking that against ULONG_MAX.  Instead use a "unsigned long"
as the temporary variable.  Also, only check against UID_MAX/GID_MAX;
these are both going to be smaller than ULONG_MAX on both 32- and 64-bit
platforms.
2002-05-09 01:58:39 +00:00
thorpej
9c33b55e7c Split the notion of building Hesiod, Kerberos, S/key, and YP
infrastructure and using that infrastructure in programs.

	* MKHESIOD, MKKERBEROS, MKSKEY, and MKYP control building
	  of the infratsructure (libraries, support programs, etc.)

	* USE_HESIOD, USE_KERBEROS, USE_SKEY, and USE_YP control
	  building of support for using the corresponding API
	  in various libraries/programs that can use it.

As discussed on tech-toolchain.
2002-03-22 18:10:19 +00:00
wiz
d4e11e2117 Sort sections, punctuation fixes, sort SEE ALSO. 2001-12-01 18:55:17 +00:00
wiz
aded0d2cce Whitespace cleanup. 2001-12-01 16:43:07 +00:00
ad
1e8e78ed07 Update for pw_mkdb() change: restrict updates to one user's records and/or
the secure database where appropriate.
2001-08-18 19:35:32 +00:00
cgd
d2d8d25fe6 progname not used here, so don't extern it 2001-02-13 00:11:45 +00:00
christos
32d9714048 fix redundant decls 2001-02-05 01:37:33 +00:00
phil
18ee5233a8 getpwuid() and getpwnam() both support YP maps, insecure and secure.
Remove local ypgetpw{uid,nam} which don't support secure maps.
(Using chpass/chfn with secure maps and these local functions turns off
users by putting * in password entry.)
2000-10-27 16:16:03 +00:00
is
135600f947 More format string cleanup by sommerfeld. 2000-10-11 14:46:00 +00:00
itojun
58b3b7a40a plug warn() call with variable only, just in case - honor behavior of warn(NULL) 2000-10-04 08:38:09 +00:00
itojun
bbef2fbaac errx?/warnx? audit. do not pass variable alone, use %s. idea from openbsd 2000-07-07 15:10:32 +00:00
ad
470c73e831 Xref passwd.conf. 2000-07-06 11:26:14 +00:00
simonb
299578ebd5 Spell "privilege" correctly (correct spelling from Jonathan Stone). 1999-08-16 02:59:22 +00:00
mjl
eb4489ce10 Fix for PR 5507 and 6686, using mostly patch by Rick Byers. 1999-02-08 22:21:44 +00:00
thorpej
af7b5d4d71 Set close-on-exec on all opened files. Partially from OpenBSD. 1998-12-19 02:23:46 +00:00
thorpej
fef2d92ecd Better error message if opening the temp file fails. 1998-12-19 02:13:43 +00:00
kim
1e454491c8 We need to initialize the "save" member in the list for GECOS fields.
If the user deletes a field while editing (as an easy way of making
that field empty) then "save" for that field will not get initialized
before referencing it when constructing the new GECOS field.
1998-08-10 23:21:05 +00:00
mycroft
a5b2c458ca const poisoning. 1998-07-26 21:25:16 +00:00
mycroft
decd62c2bf const poisoning. 1998-07-26 15:13:14 +00:00
mycroft
0db548a927 const poisoning. 1998-07-26 14:57:56 +00:00
mrg
c9987f1692 KNF 1998-07-05 14:26:06 +00:00
fair
dc026e0515 Change occurrences of "UNIX" to .Ux or .At as appropriate. 1998-04-28 06:00:51 +00:00
mikel
80f08d107b capitalize title of Morris&Thompson paper, use .Ev for EDITOR 1998-03-18 06:05:10 +00:00
perry
34a98169f0 macroize BSD, NetBSD, FreeBSD and misc cleanup 1998-02-06 05:54:12 +00:00
christos
91fe434141 Use strftime and strptime. 1998-02-04 15:21:52 +00:00
mrg
9f84449ae5 add missing .Nm sections. 1997-11-11 14:39:59 +00:00
lukem
8ba07ab0b3 use CPPFLAGS instead of CFLAGS 1997-10-24 09:00:17 +00:00
mrg
66f7b9fd72 fix compile warnings on the alpha. 1997-10-19 14:05:56 +00:00
lukem
ad23fe25bd WARNSify, fix .Nm usage, bzero -> memset 1997-10-18 12:49:10 +00:00
lukem
5645d77b1c WARNSify, fix .Nm usage, bzero -> memset 1997-10-18 12:48:40 +00:00