git.ipfire.org Git - thirdparty/util-linux.git/commit

author	Sami Kerola <kerolasa@iki.fi>
	Sat, 15 Apr 2017 20:46:38 +0000 (21:46 +0100)
committer	Sami Kerola <kerolasa@iki.fi>
	Tue, 2 May 2017 22:22:04 +0000 (23:22 +0100)
commit	71f207a5f598623a539ba825b97a503072c4a1b4
tree	fd31b40c23fa8d695a91ab64a4c0d82d11f5661b	tree
parent	2cdaf94b55bd862fc01c76f0e8cb39e68d8f89f9	commit \| diff

sulogin: reduce vulnerability surface

Hopefully these changes are unreachable code, but better safe than sorry
when dealing with setuid root code that is installed everywhere. Quite
obviously the introduced abort() calls protect from impossible inputs.

Secondly set all possible data to be read-only in attempt to make it more
difficult to alter anything at all.

Reference: https://www.securecoding.cert.org/confluence/display/c/DCL00-C.+Const-qualify+immutable+objects
Reviewed-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Sami Kerola <kerolasa@iki.fi>

login-utils/su-common.c		diff \| blob \| blame \| history
login-utils/sulogin-consoles.c		diff \| blob \| blame \| history
login-utils/sulogin.c		diff \| blob \| blame \| history