On Wed, Feb 13, 2013 at 6:15 AM, Karel Zak <kzak@xxxxxxxxxx> wrote:
> On Wed, Feb 06, 2013 at 11:22:21PM -0700, Cody Maloney wrote:
>> @@ -149,17 +156,24 @@ int main(int argc, char **argv)
>> }
>> #endif
>>
>> - /* Reality check */
>> - if (uid != 0 && uid != oldf.pw->pw_uid) {
> ^^^^^^^^^^^^^^^
>> +#ifdef HAVE_LIBUSER
>> + /* If we're setuid and not really root, disallow the password change. */
>> + if (geteuid() != getuid() && uid != pw->pw_uid) {
>> +#else
>> + if (uid != 0 && uid != pw->pw_uid) {
>> +#endif
>
> Copy & past from chsh, right?
>
> login-utils/chfn.c: In function ‘main’:
> login-utils/chfn.c:161:38: error: ‘pw’ undeclared (first use in this function)
> login-utils/chfn.c:161:38: note: each undeclared identifier is
> reported only once for each function it appears in
Yes it was (And in turn based on lchsh)
>
>> errno = EACCES;
>> - err(EXIT_FAILURE, NULL);
>> + err(EXIT_FAILURE, _("running UID doesn't match UID of user we're "
>> + "altering, change denied")););
> ^^^
>> }
>
> login-utils/chfn.c:167:37: error: expected statement before ‘)’ token
>
>
> Man, that's suid binary...
>
> Fixed and applied.
>
> Karel
Thanks
Cody
--
To unsubscribe from this list: send the line "unsubscribe util-linux" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
