user-util: filter out invalid user record data a bit more thorougly

author Lennart Poettering <lennart@poettering.net>

Thu, 7 Mar 2019 09:32:48 +0000 (10:32 +0100)

committer Lennart Poettering <lennart@poettering.net>

Tue, 12 Mar 2019 15:08:57 +0000 (16:08 +0100)
author Lennart Poettering <lennart@poettering.net>
Thu, 7 Mar 2019 09:32:48 +0000 (10:32 +0100)
committer Lennart Poettering <lennart@poettering.net>
Tue, 12 Mar 2019 15:08:57 +0000 (16:08 +0100)
diff --git a/src/basic/user-util.c b/src/basic/user-util.c

index 260f3d20576baa2175c9230e50028ecbd2db4298..b8d10669299a003c828eb01599d9c8c784320fa5 100644 (file)
--- a/src/basic/user-util.c
+++ b/src/basic/user-util.c
@@ -238,14 +238,21 @@ int get_user_creds(
          }
  
          if (home) {
-                if (FLAGS_SET(flags, USER_CREDS_CLEAN) && empty_or_root(p->pw_dir))
-                        *home = NULL;
+                if (FLAGS_SET(flags, USER_CREDS_CLEAN) &&
+                    (empty_or_root(p->pw_dir) ||
+                     !path_is_valid(p->pw_dir) ||
+                     !path_is_absolute(p->pw_dir)))
+                    *home = NULL; /* Note: we don't insist on normalized paths, since there are setups that have /./ in the path */
                  else
                          *home = p->pw_dir;
          }
  
          if (shell) {
-                if (FLAGS_SET(flags, USER_CREDS_CLEAN) && (isempty(p->pw_shell) || is_nologin_shell(p->pw_shell)))
+                if (FLAGS_SET(flags, USER_CREDS_CLEAN) &&
+                    (isempty(p->pw_shell) ||
+                     !path_is_valid(p->pw_dir) ||
+                     !path_is_absolute(p->pw_shell) ||
+                     is_nologin_shell(p->pw_shell)))
                          *shell = NULL;
                  else
                          *shell = p->pw_shell;
author	Lennart Poettering <lennart@poettering.net>
	Thu, 7 Mar 2019 09:32:48 +0000 (10:32 +0100)
committer	Lennart Poettering <lennart@poettering.net>
	Tue, 12 Mar 2019 15:08:57 +0000 (16:08 +0100)