logo

etc_portage

Unnamed repository; edit this file 'description' to name the repository. git clone https://hacktivis.me/git/etc_portage.git
commit: 84edf5725688c180bc0e34e8139612afc34d1dc9
parent 9e8650e1afec88b181a5c71e2b3b3492ba9b803d
Author: Haelwenn (lanodan) Monnier <contact@hacktivis.me>
Date:   Sun, 14 Mar 2021 19:23:51 +0100

sys-apps/shadow: Treat empty password field as invalid

Diffstat:

Apatches/sys-apps/shadow/empty-passwd-assert.patch32++++++++++++++++++++++++++++++++
1 file changed, 32 insertions(+), 0 deletions(-)

diff --git a/patches/sys-apps/shadow/empty-passwd-assert.patch b/patches/sys-apps/shadow/empty-passwd-assert.patch @@ -0,0 +1,32 @@ +From 1b1df50a8fb020e33b1dd2d3a6a7605a09a2a2be Mon Sep 17 00:00:00 2001 +From: "Haelwenn (lanodan) Monnier" <contact@hacktivis.me> +Date: Sun, 14 Mar 2021 19:13:13 +0100 +Subject: [PATCH] su: Treat an empty passwd field as invalid +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Otherwise it's treated like the “require no password” clause while it probably +should be treated like a normal su that can't validate anyway. + +A similar change should be done for USE_PAM. +--- + src/su.c | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/src/su.c b/src/su.c +index cea3f155..b064d71b 100644 +--- a/src/su.c ++++ b/src/su.c +@@ -501,6 +501,11 @@ static void check_perms_nopam (const struct passwd *pw) + /*@observer@*/const char *password = pw->pw_passwd; + RETSIGTYPE (*oldsig) (int); + ++ if (strcmp (pw->pw_passwd, "") == 0) { ++ fprintf(stderr, _("Password field is empty, this is invalid.\n")); ++ exit(1); ++ } ++ + if (caller_is_root) { + return; + }