Date: Wed, 13 Oct 2021 09:56:10 -0400
From: Rich Felker
To: "A. Wilcox"
Cc: musl@lists.openwall.com
Message-ID: <20211013135609.GI7074@brightrain.aerifal.cx>
Subject: Re: [musl] get/set*ent functions and real world applications

On Wed, Oct 13, 2021 at 01:16:30AM -0500, A. Wilcox wrote:
> On Oct 11, 2021, at 12:41 PM, Érico Nogueira wrote:
> >
> > Things in /etc
> > can, theoretically, only be written to by root or at least trusted
> > users, so treating as entirely untrusted seems a bit over the top...
>
> My understanding is that tcb exists explicitly to make these files
> modifiable by non-root users, to make the shadow tools unprivileged.
>
> I don't recall if GECOS or group fields are included in tcb, or if
> it is only the password itself. If the other fields are included,
> this is a much more important bug than otherwise.

Users necessarily can't change their group memberships. They can't
change anything in passwd db at all, only shadow, and only for
themselves, and only if permissions are set so as to allow that.

Rich