Subject: bin/12465: skeyinit(1) shows "Who are you?" by non-root user
To: None <gnats-bugs@gnats.netbsd.org>
From: None <h-masuda@ootani.nagata.kobe.jp>
List: netbsd-bugs
Date: 03/25/2001 03:02:04
>Number: 12465
>Category: bin
>Synopsis: skeyinit(1) shows "Who are you?" by non-root user
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: bin-bug-people
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Sat Mar 24 10:03:00 PST 2001
>Closed-Date:
>Last-Modified:
>Originator: MASUDA Hideo[JM3SPA]
>Release: NetBSD-release-1-5, NetBSD-current 20010325
>Organization:
MASUDA-NET
>Environment:
System: NetBSD naomi.ootani.nagata.kobe.jp 1.5.1_ALPHA NetBSD 1.5.1_ALPHA (NAOMI-$Revision: 1.1.1.2 $-$NetBSD: 1.354.2.9 $) #5: Sun Feb 4 21:00:44 JST 2001 root@Jeanne-dArc.ootani.nagata.kobe.jp:/usr/src/sys/arch/i386/compile/NAOMI i386
>Description:
skeyinit(1) shows "Who are you?" by non-root user.
>How-To-Repeat:
% skeyinit
>Fix:
After copying from "pp->pw_passwd" into "me", add '\0' termination.
Following patch is for NetBSD-release-1-5(maybe applicable for current).
But why is this occured ONLY NON-ROOT USER ?(something wrong in getpwnam()??)
--- skeyinit.c-dist Tue Jul 18 19:40:41 2000
+++ skeyinit.c Sun Mar 25 02:43:05 2001
@@ -67,6 +67,7 @@
if ((pp = getpwuid(getuid())) == NULL)
err(1, "no user with uid %ld", (u_long)getuid());
(void)strncpy(me, pp->pw_name, sizeof(me) - 1);
+ me[(sizeof(me)-1>strlen(pp->pw_name)?strlen(pp->pw_name):sizeof(me)-1)] = '\0';
if ((pp = getpwnam(me)) == NULL)
err(1, "Who are you?");
>Release-Note:
>Audit-Trail:
>Unformatted: