Re: libexec/tftp-proxy: should to call endpwent()

Wed, 02 Jun 2010 09:38:26 -0700 

> sure
> but make sense to remove bad examples in tree

What bad examples?  I've done this audit before.

As far as I know, the endpwent()'s in the tree are all there because of
setpwent() or setpassent() is called; or because of getpwent()'s
instead of getpwnam()'s, and in situations where there is a fork before
exit.

You are not submitting a diff which 'removes bad examples in the tree',
sorry, you are submitting a diff which is wrong.  Your diff is the bad
example.

> On Wed, Jun 02, 2010 at 08:33:10AM -0600, Theo de Raadt wrote:
> > > endpwent() here to close file descriptor opened by getpwnam(),
> > > since that all work with the password database was done.
> > 
> > But no file descriptor is open.
> > 
> > setpassent() was never called to keep the fd open.
> > 
> > It's even explained in the manual page.
> > 
> > > Index: tftp-proxy.c
> > > ===================================================================
> > > RCS file: /cvs/src//libexec/tftp-proxy/tftp-proxy.c,v
> > > retrieving revision 1.6
> > > diff -u tftp-proxy.c
> > > --- tftp-proxy.c  13 Apr 2008 00:22:17 -0000      1.6
> > > +++ tftp-proxy.c  2 Jun 2010 13:06:16 -0000
> > > @@ -128,6 +128,7 @@
> > >           syslog(LOG_ERR, "can't revoke privs: %m");
> > >           exit(1);
> > >   }
> > > + endpwent();
> > >  
> > >   /* non-blocking io */
> > >   if (ioctl(fd, FIONBIO, &on) < 0) {
> > > 
> > 
> 
> --xHFwDpU9dbj6ez1V
> Content-Type: text/plain; charset=us-ascii
> Content-Disposition: inline; filename="wrong_use_endpwent.diff"
> 
> Index: privsep.c
> ===================================================================
> RCS file: /cvs/src//usr.sbin/tcpdump/privsep.c,v
> retrieving revision 1.28
> diff -u privsep.c
> --- privsep.c 17 Apr 2009 22:31:24 -0000      1.28
> +++ privsep.c 2 Jun 2010 15:18:00 -0000
> @@ -175,7 +175,6 @@
>                       err(1, "setresgid() failed");
>               if (setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) == -1)
>                       err(1, "setresuid() failed");
> -             endpwent();
>  
>               close(socks[0]);
>               priv_fd = socks[1];
> Index: privsep.c
> ===================================================================
> RCS file: /cvs/src//usr.sbin/syslogd/privsep.c,v
> retrieving revision 1.34
> diff -u privsep.c
> --- privsep.c 23 Nov 2008 04:29:42 -0000      1.34
> +++ privsep.c 2 Jun 2010 15:18:56 -0000
> @@ -435,7 +435,6 @@
>           setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) == -1 ||
>           setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) == -1)
>               err(1, "failure dropping privs");
> -     endpwent();
>  
>       if (dup2(fd[0], STDIN_FILENO) == -1)
>               err(1, "dup2 failed");
> 
> --xHFwDpU9dbj6ez1V--

Reply via email to