Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

libnss_tcb: Disallow potentially-malicious user names in getspnam(3). #30

Merged
merged 1 commit into from
Dec 20, 2024
Merged

libnss_tcb: Disallow potentially-malicious user names in getspnam(3). #30

merged 1 commit into from
Dec 20, 2024

Conversation

besser82
Copy link
Contributor

No description provided.

@besser82 besser82 force-pushed the topic/besser82/nss_check_username branch 3 times, most recently from 2d5c00b to c685e25 Compare December 20, 2024 11:43
@besser82
Copy link
Contributor Author

@ldv-alt This should be an easy one.

solardiz
solardiz requested changes Dec 20, 2024
View reviewed changes
Copy link
Member

@solardiz solardiz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think you've spotted something we really ought to fix, but the code needs further revision.

I don't recall exactly why we didn't have this sort of checks before. It's weird we allowed even ../something. I suppose we expect(ed) that programs would normally use getpwnam first and only proceed to getspnam for existing usernames.

libs/nss.c Outdated Show resolved Hide resolved
libs/nss.c Outdated Show resolved Hide resolved
libs/nss.c Outdated Show resolved Hide resolved
libs/nss.c Outdated Show resolved Hide resolved
libs/nss.c Outdated Show resolved Hide resolved
libs/nss.c Show resolved Hide resolved
@besser82 besser82 force-pushed the topic/besser82/nss_check_username branch 2 times, most recently from 9dfddfc to e68b446 Compare December 20, 2024 18:20
@besser82
Copy link
Contributor Author

@solardiz, rebased onto main.

solardiz
solardiz approved these changes Dec 20, 2024
View reviewed changes
Copy link
Member

@solardiz solardiz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks correct to me now

@solardiz solardiz requested a review from ldv-alt December 20, 2024 18:24
@besser82
libnss_tcb: Disallow potentially-malicious user names in getspnam(3).
30116b9 
IEEE Std 1003.1-2001 allows only the following characters to appear in group-
and usernames: letters, digits, underscores, periods, <at>-signs (@), and
dashes.  The name may not start with a dash or an "@" sign.  The "$" sign
is allowed at the end of usernames to allow typical Samba machine accounts.

Signed-off-by: Björn Esser <[email protected]>
@besser82 besser82 force-pushed the topic/besser82/nss_check_username branch from e68b446 to 30116b9 Compare December 20, 2024 19:27
@solardiz solardiz merged commit b6ce07b into openwall:main Dec 20, 2024
19 checks passed
@besser82 besser82 deleted the topic/besser82/nss_check_username branch December 20, 2024 21:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@solardiz solardiz solardiz approved these changes

@ldv-alt ldv-alt ldv-alt approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@besser82 @ldv-alt @solardiz