[478] in Kerberos
bugs in ext_srvtab.c
daemon@TELECOM.MIT.EDU (jb%cs.brown.edu@RELAY.CS.NET)
Sat Aug 6 08:04:21 1988
From: jb%cs.brown.edu@RELAY.CS.NET
To: kerberos@ATHENA.MIT.EDU
Ext_srvtab has a couple minor problems. If it is called using a relative
beginning with a "." and without the "-n" flag, it complains that the
path used for executing the program is an invalid instance. The easiest
test case I found was "./ext_srvtab host". I traced this problem down to
poor handling of the argument list. A second problem is that the srvtab
created has bad permissions. When I ran the program, the srvtab was
readable by everyone on the machine. It should be readable by only root
for security reasons.
Below are fixes for both of these problems as well as removing an unused
variable.
Jim
*** ext_srvtab.c.orig Mon May 23 15:58:18 1988
--- ext_srvtab.c Sat Jul 30 10:22:45 1988
***************
*** 48,54 ****
char realm[REALM_SZ];
int fopen_errs = 0;
char *arg;
- Principal master_princ;
Principal princs[40];
int more, prompt;
register int n, i;
--- 48,53 ----
***************
*** 64,70 ****
exit (-1);
}
}
- argc++; argv--;
CheckArgs(argc, argv);
--- 63,68 ----
***************
*** 84,91 ****
fprintf(stderr, "%s: couldn't get local realm\n", progname);
exit(1);
}
! while (--argc) {
! arg = *++argv;
sprintf(fname, "%s-new-srvtab", arg);
if ((fout = fopen(fname, "w")) == NULL) {
fprintf(stderr, "Couldn't create file '%s'.\n", fname);
--- 82,90 ----
fprintf(stderr, "%s: couldn't get local realm\n", progname);
exit(1);
}
! (void) umask(077);
! while (argc--) {
! arg = *argv++;
sprintf(fname, "%s-new-srvtab", arg);
if ((fout = fopen(fname, "w")) == NULL) {
fprintf(stderr, "Couldn't create file '%s'.\n", fname);
***************
*** 129,135 ****
int c;
char *v[];
{
! for (; --c; ++v)
if (!k_isinst(*v)) {
fprintf(stderr, "%s: bad instance name: %s\n",
progname, *v);
--- 128,134 ----
int c;
char *v[];
{
! for (; c--; v++)
if (!k_isinst(*v)) {
fprintf(stderr, "%s: bad instance name: %s\n",
progname, *v);
