Disable core dumps in case passwd(1) crashes
Avoids leaking the shadow db.
This commit is contained in:
parent
5eeef920f0
commit
924fc8449b
2
passwd.c
2
passwd.c
@ -39,6 +39,8 @@ main(int argc, char *argv[])
|
||||
if (argc != 1)
|
||||
usage();
|
||||
|
||||
pw_init();
|
||||
|
||||
errno = 0;
|
||||
pw = getpwnam(argv[0]);
|
||||
if (errno)
|
||||
|
1
passwd.h
1
passwd.h
@ -2,4 +2,5 @@
|
||||
/* passwd.c */
|
||||
int pw_check(struct passwd *, const char *);
|
||||
int pw_copy(int, int, const struct passwd *);
|
||||
int pw_init(void);
|
||||
int pw_scan(char *, struct passwd *);
|
||||
|
@ -6,6 +6,8 @@
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <unistd.h>
|
||||
#include <sys/resource.h>
|
||||
#include <sys/time.h>
|
||||
#include "../passwd.h"
|
||||
#include "../text.h"
|
||||
#include "../util.h"
|
||||
@ -107,6 +109,18 @@ pw_copy(int ffd, int tfd, const struct passwd *newpw)
|
||||
return 0;
|
||||
}
|
||||
|
||||
int
|
||||
pw_init(void)
|
||||
{
|
||||
struct rlimit rlim;
|
||||
|
||||
rlim.rlim_cur = 0;
|
||||
rlim.rlim_max = 0;
|
||||
if (setrlimit(RLIMIT_CORE, &rlim) < 0)
|
||||
eprintf("setrlimit:");
|
||||
return 0;
|
||||
}
|
||||
|
||||
int
|
||||
pw_scan(char *bp, struct passwd *pw)
|
||||
{
|
||||
|
Loading…
Reference in New Issue
Block a user