Date:      Wed, 27 Nov 2002 13:37:05 -0800
From:      Terry Lambert <tlambert2@mindspring.com>
To:        "David W. Chapman Jr." <dwcjr@inethouston.net>
Cc:        current@freebsd.org
Subject:   Re: pw_user.c change for samba
Message-ID:  <3DE53B01.BC819662@mindspring.com>
References:  <20021127192126.GA31706@leviathan.inethouston.net> <3DE52B70.44402B98@mindspring.com> <20021127203401.GA35573@leviathan.inethouston.net> <3DE5315A.FC6D59B@mindspring.com> <20021127210640.GA36331@leviathan.inethouston.net>

This is a multi-part message in MIME format.
--------------7CA3AA564B88E43F55451EE3
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

"David W. Chapman Jr." wrote:
> > If it's allowed, it would probably only be allowed in the
> > user name (i.e. the patch is wrong; it should probably add
> > another parameter to the allowable values of 'int gecos', and
> > change it to 'int checktype' or similar).
> 
> I don't have a problem with this, but the patch I sent in is the
> extent of my abilities to give me desired results (making pw like
> samba)

See attached patch.  It could still screw scripts (e.g. the perl
script version of "adduser") by allowing the "$" in the login
field, but at least it keeps it out of the login class and group
fields.

See below, though: I don't think '$' should be permitted.


> > It seems to me that another alternative is that all these
> > names end in '$'; therefore, when you are expecting one of
> > these names, you could imply a '$', without needing to actually
> > have it in the password file -- in other words, it's an
> > attribute, not really part of the account name.
> >
> > Will this open up a security hole for a normal user account
> > being used to compromise the domain system security?  Is it
> > absolutely necessary to use an in-band method to distinguish
> > these records from ordinary user accounts?
> 
> I don't think the samba people would be willing to make this type of
> change just for FreeBSD since it works for most everyone else.  I
> also don't think there is currently a way to store attributes about
> machines/users permanently in samba.

I think you misunderstand.

The intent is to allow accounts without "$" appended to be used
as machine logins.  Samba would see the '$', remove it, and check
normally.

The potential problem is that normal user accounts could be used
in place of machines.

The proper "BSD way" to avoid this hack would be to add a login
class "samba_server" (or whatever), and make Samba permit this
type of check only if the user was in the correct login class.

-- Terry
--------------7CA3AA564B88E43F55451EE3
Content-Type: text/plain; charset=us-ascii;
 name="pwcheck.diff"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
 filename="pwcheck.diff"

Index: pw.h
===================================================================
RCS file: /cvs/src/usr.sbin/pw/pw.h,v
retrieving revision 1.13
diff -c -r1.13 pw.h
*** pw.h	5 Jul 2001 08:01:15 -0000	1.13
--- pw.h	27 Nov 2002 17:21:03 -0000
***************
*** 62,67 ****
--- 62,74 ----
          W_NUM
  };
  
+ enum _checktype
+ {
+ 	PWC_DEFAULT,
+ 	PWC_GECOS,
+ 	PWC_LOGIN
+ };
+ 
  struct carg
  {
  	int		  ch;
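Review bot: The tag `_checktype` on the new enum is a reserved identifier: C reserves every identifier beginning with an underscore for file-scope use in both the ordinary and tag name spaces, so a plain name such as `enum pw_checktype` is the safer choice (the same tag is used in the pw_checkname prototype in the next hunk). The three constants also carry no description of what each check permits, which a reader of pw.h cannot recover without opening pw_user.c. A short comment above the enum along the lines of `/* PWC_DEFAULT: strict set (used for -L login class); PWC_GECOS: only ':', '!' and '@' rejected; PWC_LOGIN: strict set minus '$' for machine-account logins */` would document the contract where callers see it.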
***************
*** 105,111 ****
  
  int pw_user(struct userconf * cnf, int mode, struct cargs * _args);
  int pw_group(struct userconf * cnf, int mode, struct cargs * _args);
! char    *pw_checkname(u_char *name, int gecos);
  
  int addpwent(struct passwd * pwd);
  int delpwent(struct passwd * pwd);
--- 112,118 ----
  
  int pw_user(struct userconf * cnf, int mode, struct cargs * _args);
  int pw_group(struct userconf * cnf, int mode, struct cargs * _args);
! char    *pw_checkname(u_char *name, enum _checktype checktype);
  
  int addpwent(struct passwd * pwd);
  int delpwent(struct passwd * pwd);
Index: pw_user.c
===================================================================
RCS file: /cvs/src/usr.sbin/pw/pw_user.c,v
retrieving revision 1.51
diff -c -r1.51 pw_user.c
*** pw_user.c	24 Jun 2002 11:33:17 -0000	1.51
--- pw_user.c	27 Nov 2002 17:30:43 -0000
***************
*** 231,237 ****
  		}
  	}
  	if ((arg = getarg(args, 'L')) != NULL)
! 		cnf->default_class = pw_checkname((u_char *)arg->val, 0);
  
  	if ((arg = getarg(args, 'G')) != NULL && arg->val) {
  		int i = 0;
--- 231,237 ----
  		}
  	}
  	if ((arg = getarg(args, 'L')) != NULL)
! 		cnf->default_class = pw_checkname((u_char *)arg->val, PWC_DEFAULT);
  
  	if ((arg = getarg(args, 'G')) != NULL && arg->val) {
  		int i = 0;
***************
*** 293,299 ****
  	}
  
  	if ((a_name = getarg(args, 'n')) != NULL)
! 		pwd = GETPWNAM(pw_checkname((u_char *)a_name->val, 0));
  	a_uid = getarg(args, 'u');
  
  	if (a_uid == NULL) {
--- 293,299 ----
  	}
  
  	if ((a_name = getarg(args, 'n')) != NULL)
! 		pwd = GETPWNAM(pw_checkname((u_char *)a_name->val, PWC_LOGIN));
  	a_uid = getarg(args, 'u');
  
  	if (a_uid == NULL) {
***************
*** 455,461 ****
  		if ((arg = getarg(args, 'l')) != NULL) {
  			if (strcmp(pwd->pw_name, "root") == 0)
  				errx(EX_DATAERR, "can't rename `root' account");
! 			pwd->pw_name = pw_checkname((u_char *)arg->val, 0);
  			edited = 1;
  		}
  
--- 455,461 ----
  		if ((arg = getarg(args, 'l')) != NULL) {
  			if (strcmp(pwd->pw_name, "root") == 0)
  				errx(EX_DATAERR, "can't rename `root' account");
! 			pwd->pw_name = pw_checkname((u_char *)arg->val, PWC_LOGIN);
  			edited = 1;
  		}
  
***************
*** 595,601 ****
  	 * Shared add/edit code
  	 */
  	if ((arg = getarg(args, 'c')) != NULL) {
! 		char	*gecos = pw_checkname((u_char *)arg->val, 1);
  		if (strcmp(pwd->pw_gecos, gecos) != 0) {
  			pwd->pw_gecos = gecos;
  			edited = 1;
--- 595,601 ----
  	 * Shared add/edit code
  	 */
  	if ((arg = getarg(args, 'c')) != NULL) {
! 		char	*gecos = pw_checkname((u_char *)arg->val, PWC_GECOS);
  		if (strcmp(pwd->pw_gecos, gecos) != 0) {
  			pwd->pw_gecos = gecos;
  			edited = 1;
***************
*** 1192,1201 ****
  }
  
  char    *
! pw_checkname(u_char *name, int gecos)
  {
  	int             l = 0;
! 	char const     *notch = gecos ? ":!@" : " ,\t:+&#%$^()!@~*?<>=|\\/\"";
  
  	while (name[l]) {
  		if (strchr(notch, name[l]) != NULL || name[l] < ' ' || name[l] == 127 ||
--- 1192,1217 ----
  }
  
  char    *
! pw_checkname(u_char *name, enum _checktype checktype)
  {
  	int             l = 0;
! 	char const     *notch;
! 	int		gecos = (checktype == PWC_GECOS);
! 
! 	switch (checktype) {
! 	case PWC_GECOS:
! 		notch = ":!@";
! 		break;
! 
! 	case PWC_LOGIN:
! 		notch = " ,\t:+&#%^()!@~*?<>=|\\/\"";
! 		break;
! 
! 	case PWC_DEFAULT:
! 	default:
! 		notch = " ,\t:+&#%$^()!@~*?<>=|\\/\"";
! 		break;
! 	}
  
  	while (name[l]) {
  		if (strchr(notch, name[l]) != NULL || name[l] < ' ' || name[l] == 127 ||
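Review bot: The PWC_LOGIN table removes '$' from the rejected set entirely, so a login name is accepted with '$' in any position and any number of times (`$foo`, `a$b`, `foo$$`), whereas the rationale in the message is that Samba machine accounts carry exactly one trailing '$'. A tighter check would keep the default table for PWC_LOGIN and exempt only a final '$', e.g. by guarding the rejection with `checktype == PWC_LOGIN && name[l] == '$' && name[l + 1] == '\0'` ahead of the existing strchr test; the loop body and the remainder of pw_checkname continue outside the hunk, so the exact placement depends on what follows. The over-acceptance reaches both PWC_LOGIN call sites, the -n lookup and the -l rename hunks earlier in this file. The `gecos` local is presumably kept because later code still reads it; a one-line comment such as `/* gecos: kept for the checks below that still key off it */` would say why it survives the switch.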

--------------7CA3AA564B88E43F55451EE3--





