forked from soccera/rdo
Clear password after we're done using it
Previously, the password would not be cleared after we hashed it with crypt(), which lead to the password staying in memory for the duration of program runtime. This was only really an issue for incorrect passwords, as execve() purges our memory anyway, but attackers could use an incorrect but mostly correct password for privilege escalation. Due to this being a security issue, this commit also introduces rdo version 1.3. Fixes #7
This commit is contained in:
parent
5d79415618
commit
860f9cbf47
1 changed files with 5 additions and 2 deletions
7
rdo.c
7
rdo.c
|
@ -9,7 +9,7 @@
|
|||
#include <bsd/readpassphrase.h>
|
||||
#include "sessions.h"
|
||||
|
||||
#define VERSION "1.2"
|
||||
#define VERSION "1.3"
|
||||
|
||||
void getconf(FILE* fp, const char* entry, char* result, size_t len_result) {
|
||||
char* line = NULL;
|
||||
|
@ -96,7 +96,10 @@ int main(int argc, char** argv) {
|
|||
if (!readpassphrase("(rdo) Password: ", password, sizeof(password), RPP_REQUIRE_TTY))
|
||||
err(1, "Could not get passphrase");
|
||||
|
||||
if (strcmp(shadowEntry->sp_pwdp, crypt(password, shadowEntry->sp_pwdp)) == 0) {
|
||||
int rc = strcmp(shadowEntry->sp_pwdp, crypt(password, shadowEntry->sp_pwdp));
|
||||
memset(password, 0, sizeof(password));
|
||||
|
||||
if (rc == 0) {
|
||||
setsession(getppid(), ts_ttl);
|
||||
return runprog(argc, argv);
|
||||
}
|
||||
|
|
Loading…
Add table
Reference in a new issue