disallow all-numeric user and group names (#1139318)
This commit is contained in:
Tomas Mraz
parent
4c1ef1cd21
commit
d29b2a8def
@ -1,9 +1,12 @@
|
|||||||
diff -up shadow-4.1.5.1/libmisc/chkname.c.goodname shadow-4.1.5.1/libmisc/chkname.c
|
diff -up shadow-4.1.5.1/libmisc/chkname.c.goodname shadow-4.1.5.1/libmisc/chkname.c
|
||||||
--- shadow-4.1.5.1/libmisc/chkname.c.goodname 2009-07-13 00:24:45.000000000 +0200
|
--- shadow-4.1.5.1/libmisc/chkname.c.goodname 2009-07-13 00:24:45.000000000 +0200
|
||||||
+++ shadow-4.1.5.1/libmisc/chkname.c 2012-09-19 18:43:53.492160653 +0200
|
+++ shadow-4.1.5.1/libmisc/chkname.c 2014-09-09 17:35:17.207303124 +0200
|
||||||
@@ -49,20 +49,28 @@
|
@@ -47,27 +47,42 @@
|
||||||
|
#include "chkname.h"
|
||||||
|
|
||||||
static bool is_valid_name (const char *name)
|
static bool is_valid_name (const char *name)
|
||||||
{
|
-{
|
||||||
|
+{
|
||||||
/*
|
/*
|
||||||
- * User/group names must match [a-z_][a-z0-9_-]*[$]
|
- * User/group names must match [a-z_][a-z0-9_-]*[$]
|
||||||
- */
|
- */
|
||||||
@ -14,7 +17,11 @@ diff -up shadow-4.1.5.1/libmisc/chkname.c.goodname shadow-4.1.5.1/libmisc/chknam
|
|||||||
+ *
|
+ *
|
||||||
+ * as a non-POSIX, extension, allow "$" as the last char for
|
+ * as a non-POSIX, extension, allow "$" as the last char for
|
||||||
+ * sake of Samba 3.x "add machine script"
|
+ * sake of Samba 3.x "add machine script"
|
||||||
|
+ *
|
||||||
|
+ * Also do not allow fully numeric names.
|
||||||
+ */
|
+ */
|
||||||
|
+ int numeric;
|
||||||
|
+
|
||||||
+ if ( ('\0' == *name) ||
|
+ if ( ('\0' == *name) ||
|
||||||
+ !((*name >= 'a' && *name <= 'z') ||
|
+ !((*name >= 'a' && *name <= 'z') ||
|
||||||
+ (*name >= 'A' && *name <= 'Z') ||
|
+ (*name >= 'A' && *name <= 'Z') ||
|
||||||
@ -24,6 +31,8 @@ diff -up shadow-4.1.5.1/libmisc/chkname.c.goodname shadow-4.1.5.1/libmisc/chknam
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
+ numeric = isdigit(*name);
|
||||||
|
+
|
||||||
while ('\0' != *++name) {
|
while ('\0' != *++name) {
|
||||||
- if (!(( ('a' <= *name) && ('z' >= *name) ) ||
|
- if (!(( ('a' <= *name) && ('z' >= *name) ) ||
|
||||||
- ( ('0' <= *name) && ('9' >= *name) ) ||
|
- ( ('0' <= *name) && ('9' >= *name) ) ||
|
||||||
@ -39,10 +48,17 @@ diff -up shadow-4.1.5.1/libmisc/chkname.c.goodname shadow-4.1.5.1/libmisc/chknam
|
|||||||
+ )) {
|
+ )) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
+ numeric &= isdigit(*name);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
- return true;
|
||||||
|
+ return !numeric;
|
||||||
|
}
|
||||||
|
|
||||||
|
bool is_valid_user_name (const char *name)
|
||||||
diff -up shadow-4.1.5.1/man/groupadd.8.xml.goodname shadow-4.1.5.1/man/groupadd.8.xml
|
diff -up shadow-4.1.5.1/man/groupadd.8.xml.goodname shadow-4.1.5.1/man/groupadd.8.xml
|
||||||
--- shadow-4.1.5.1/man/groupadd.8.xml.goodname 2012-05-25 13:45:27.000000000 +0200
|
--- shadow-4.1.5.1/man/groupadd.8.xml.goodname 2012-05-25 13:45:27.000000000 +0200
|
||||||
+++ shadow-4.1.5.1/man/groupadd.8.xml 2012-09-19 18:43:53.492160653 +0200
|
+++ shadow-4.1.5.1/man/groupadd.8.xml 2014-09-09 17:28:46.330300342 +0200
|
||||||
@@ -259,12 +259,6 @@
|
@@ -259,12 +259,6 @@
|
||||||
<refsect1 id='caveats'>
|
<refsect1 id='caveats'>
|
||||||
<title>CAVEATS</title>
|
<title>CAVEATS</title>
|
||||||
@ -58,7 +74,7 @@ diff -up shadow-4.1.5.1/man/groupadd.8.xml.goodname shadow-4.1.5.1/man/groupadd.
|
|||||||
<para>
|
<para>
|
||||||
diff -up shadow-4.1.5.1/man/man8/groupadd.8.goodname shadow-4.1.5.1/man/man8/groupadd.8
|
diff -up shadow-4.1.5.1/man/man8/groupadd.8.goodname shadow-4.1.5.1/man/man8/groupadd.8
|
||||||
--- shadow-4.1.5.1/man/man8/groupadd.8.goodname 2012-05-25 13:58:40.000000000 +0200
|
--- shadow-4.1.5.1/man/man8/groupadd.8.goodname 2012-05-25 13:58:40.000000000 +0200
|
||||||
+++ shadow-4.1.5.1/man/man8/groupadd.8 2012-09-19 18:44:42.175123079 +0200
|
+++ shadow-4.1.5.1/man/man8/groupadd.8 2014-09-09 17:28:46.330300342 +0200
|
||||||
@@ -190,9 +190,7 @@ Shadow password suite configuration\&.
|
@@ -190,9 +190,7 @@ Shadow password suite configuration\&.
|
||||||
.RE
|
.RE
|
||||||
.SH "CAVEATS"
|
.SH "CAVEATS"
|
||||||
@ -72,7 +88,7 @@ diff -up shadow-4.1.5.1/man/man8/groupadd.8.goodname shadow-4.1.5.1/man/man8/gro
|
|||||||
.PP
|
.PP
|
||||||
diff -up shadow-4.1.5.1/man/man8/useradd.8.goodname shadow-4.1.5.1/man/man8/useradd.8
|
diff -up shadow-4.1.5.1/man/man8/useradd.8.goodname shadow-4.1.5.1/man/man8/useradd.8
|
||||||
--- shadow-4.1.5.1/man/man8/useradd.8.goodname 2012-05-25 13:59:28.000000000 +0200
|
--- shadow-4.1.5.1/man/man8/useradd.8.goodname 2012-05-25 13:59:28.000000000 +0200
|
||||||
+++ shadow-4.1.5.1/man/man8/useradd.8 2012-09-19 18:46:09.249033949 +0200
|
+++ shadow-4.1.5.1/man/man8/useradd.8 2014-09-09 17:28:46.330300342 +0200
|
||||||
@@ -224,7 +224,7 @@ is not enabled, no home directories are
|
@@ -224,7 +224,7 @@ is not enabled, no home directories are
|
||||||
.PP
|
.PP
|
||||||
\fB\-M\fR
|
\fB\-M\fR
|
||||||
@ -93,7 +109,7 @@ diff -up shadow-4.1.5.1/man/man8/useradd.8.goodname shadow-4.1.5.1/man/man8/user
|
|||||||
.PP
|
.PP
|
||||||
diff -up shadow-4.1.5.1/man/useradd.8.xml.goodname shadow-4.1.5.1/man/useradd.8.xml
|
diff -up shadow-4.1.5.1/man/useradd.8.xml.goodname shadow-4.1.5.1/man/useradd.8.xml
|
||||||
--- shadow-4.1.5.1/man/useradd.8.xml.goodname 2012-05-25 13:45:29.000000000 +0200
|
--- shadow-4.1.5.1/man/useradd.8.xml.goodname 2012-05-25 13:45:29.000000000 +0200
|
||||||
+++ shadow-4.1.5.1/man/useradd.8.xml 2012-09-19 18:43:53.493160675 +0200
|
+++ shadow-4.1.5.1/man/useradd.8.xml 2014-09-09 17:28:46.330300342 +0200
|
||||||
@@ -366,7 +366,7 @@
|
@@ -366,7 +366,7 @@
|
||||||
</term>
|
</term>
|
||||||
<listitem>
|
<listitem>
|
||||||
|
|||||||
@ -1,7 +1,7 @@
|
|||||||
Summary: Utilities for managing accounts and shadow password files
|
Summary: Utilities for managing accounts and shadow password files
|
||||||
Name: shadow-utils
|
Name: shadow-utils
|
||||||
Version: 4.1.5.1
|
Version: 4.1.5.1
|
||||||
Release: 18%{?dist}
|
Release: 19%{?dist}
|
||||||
Epoch: 2
|
Epoch: 2
|
||||||
URL: http://pkg-shadow.alioth.debian.org/
|
URL: http://pkg-shadow.alioth.debian.org/
|
||||||
Source0: http://pkg-shadow.alioth.debian.org/releases/shadow-%{version}.tar.bz2
|
Source0: http://pkg-shadow.alioth.debian.org/releases/shadow-%{version}.tar.bz2
|
||||||
@ -236,6 +236,9 @@ rm -rf $RPM_BUILD_ROOT
|
|||||||
%{_mandir}/man8/vigr.8*
|
%{_mandir}/man8/vigr.8*
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Tue Sep 9 2014 Tomas Mraz <tmraz@redhat.com> - 2:4.1.5.1-19
|
||||||
|
- disallow all-numeric user and group names (#1139318)
|
||||||
|
|
||||||
* Fri Aug 29 2014 Tomas Mraz <tmraz@redhat.com> - 2:4.1.5.1-18
|
* Fri Aug 29 2014 Tomas Mraz <tmraz@redhat.com> - 2:4.1.5.1-18
|
||||||
- label the newly created home dir correctly (#1077809)
|
- label the newly created home dir correctly (#1077809)
|
||||||
- mention that chage -d 0 forces password change (#1135010)
|
- mention that chage -d 0 forces password change (#1135010)
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user