diff options
author | Denys Vlasenko <vda.linux@googlemail.com> | 2011-05-13 03:19:01 +0200 |
---|---|---|
committer | Denys Vlasenko <vda.linux@googlemail.com> | 2011-05-13 03:19:01 +0200 |
commit | 12a432715f066cf9d677316a39c9e0ebc6d72404 (patch) | |
tree | 14a33cdedbd6ba7739449cc3dec968b55a01efad /loginutils/adduser.c | |
parent | 0806e401d6747c391fa0427e0ccba9951f9a1c3d (diff) |
adduser: safe username passing to passwd/addgroup
passwd: support creating SHA passwords
random code shrink
function old new delta
crypt_make_pw_salt - 87 +87
adduser_main 883 904 +21
...
crypt_make_salt 99 89 -10
chpasswd_main 329 312 -17
packed_usage 28731 28691 -40
passwd_main 1070 1000 -70
cryptpw_main 310 224 -86
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 4/12 up/down: 154/-288) Total: -134 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Diffstat (limited to 'loginutils/adduser.c')
-rw-r--r-- | loginutils/adduser.c | 16 |
1 files changed, 9 insertions, 7 deletions
diff --git a/loginutils/adduser.c b/loginutils/adduser.c index 1944d9d56..a05b72158 100644 --- a/loginutils/adduser.c +++ b/loginutils/adduser.c @@ -82,21 +82,23 @@ static void passwd_study(struct passwd *p) static void addgroup_wrapper(struct passwd *p, const char *group_name) { - char *argv[5]; + char *argv[6]; argv[0] = (char*)"addgroup"; if (group_name) { /* Add user to existing group */ - argv[1] = p->pw_name; - argv[2] = (char*)group_name; - argv[3] = NULL; + argv[1] = (char*)"--"; + argv[2] = p->pw_name; + argv[3] = (char*)group_name; + argv[4] = NULL; } else { /* Add user to his own group with the first free gid found in passwd_study */ //TODO: to be compatible with external addgroup programs we should use --gid instead... argv[1] = (char*)"-g"; argv[2] = utoa(p->pw_gid); - argv[3] = p->pw_name; - argv[4] = NULL; + argv[3] = (char*)"--"; + argv[4] = p->pw_name; + argv[5] = NULL; } spawn_and_wait(argv); @@ -106,7 +108,7 @@ static void passwd_wrapper(const char *login_name) NORETURN; static void passwd_wrapper(const char *login_name) { - BB_EXECLP("passwd", "passwd", login_name, NULL); + BB_EXECLP("passwd", "passwd", "--", login_name, NULL); bb_error_msg_and_die("can't execute passwd, you must set password manually"); } |