commit 924fc8449b169f00f0ba9e323b39a84c87a93be9
parent 5eeef920f00eee50f6fac1992e09e04b218e04e6
Author: sin <sin@2f30.org>
Date: Tue, 10 Jun 2014 11:38:45 +0100
Disable core dumps in case passwd(1) crashes
Avoids leaking the shadow db.
Diffstat:
3 files changed, 17 insertions(+), 0 deletions(-)
diff --git a/passwd.c b/passwd.c
@@ -39,6 +39,8 @@ main(int argc, char *argv[])
if (argc != 1)
usage();
+ pw_init();
+
errno = 0;
pw = getpwnam(argv[0]);
if (errno)
diff --git a/passwd.h b/passwd.h
@@ -2,4 +2,5 @@
/* passwd.c */
int pw_check(struct passwd *, const char *);
int pw_copy(int, int, const struct passwd *);
+int pw_init(void);
int pw_scan(char *, struct passwd *);
diff --git a/util/passwd.c b/util/passwd.c
@@ -6,6 +6,8 @@
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
+#include <sys/resource.h>
+#include <sys/time.h>
#include "../passwd.h"
#include "../text.h"
#include "../util.h"
@@ -108,6 +110,18 @@ pw_copy(int ffd, int tfd, const struct passwd *newpw)
}
int
+pw_init(void)
+{
+ struct rlimit rlim;
+
+ rlim.rlim_cur = 0;
+ rlim.rlim_max = 0;
+ if (setrlimit(RLIMIT_CORE, &rlim) < 0)
+ eprintf("setrlimit:");
+ return 0;
+}
+
+int
pw_scan(char *bp, struct passwd *pw)
{
char *p;
