Diffusion FreeBSD src repository - subversion rS99853

In preventing races in making changes to the password file when the
rS99853Unpublished
Actions

Unpublished Commit · Learn More

No further details are available.

Description

In preventing races in making changes to the password file when the
locking mechanism was relaxed, it was assumed the '-a' option was only
being used to add new entries. The result was '-a' option could not be
used to overwrite an existing entry, but this is a legitimate use. Now
when doing an overwrite, check if the user exists and load the old
entry for later verification. If the user does not exist, there is no
reason to check later.

Note that I this is only fixed in 4-STABLE. When des overhauled the
passwd related commands and functions in 5-CURRENT (thanx!), the logic
of the file was changed and it doesn't have _this_ bug... but it may
have some others with respect to the '-a' option.

PR: bin/39919

Details

Provenance

cjc	Authored on

Parents

rS99852: Unexpand a couple of 8-space indents that I added in rev 1.285.

Branches

Unknown

Tags

Unknown

Event Timeline

Changes (1)

Path

Size

stable/

usr.bin/

chpass/

chpass.c

rS99853

View Options

stable/4/usr.bin/chpass/chpass.c

In preventing races in making changes to the password file when therS99853UnpublishedActions