Re: [DNG] systemd allows elevated access from unit files?

dev Mon, 03 Jul 2017 07:55:00 -0700

On 07/03/2017 09:36 AM, Evilham wrote:
> Hi there,
> 
<snip>
> 
> (Maybe we should file a bug on bugs.devuan.org + bugs.debian.org +
> shadow repo against shadow?)
>


Seems pretty straightforward to patch chkname.c feel free to include the
patch if anyone does:


# diff -Naur ./shadow-4.2/libmisc/chkname.c
./shadow-4.2/libmisc/chkname_new.c
--- ./shadow-4.2/libmisc/chkname.c      2017-07-03 09:18:30.000000000 -0500
+++ ./shadow-4.2/libmisc/chkname_new.c  2017-07-03 09:50:24.331490953 -0500
@@ -81,6 +81,14 @@
            || ('+'  == *name)) {
                return false;
        }
+   // first character cannot be numerical as long as it's not null
(should be caught above)
+   // only process if first digit is not null
+   if ('\0' != *name)
+   {
+      if (isdigit(*name))
+         return false;
+   }
+
        do {
                if ((':' == *name) || (',' == *name) || isspace(*name)) {
                        return false;
_______________________________________________
Dng mailing list
[email protected]
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] systemd allows elevated access from unit files?

Reply via email to