Improper parsing of /etc/passwd when username is suffix of another user #80

Closed
Matir opened this issue Sep 30, 2020 · 0 comments · Fixed by #81

Matir commented Sep 30, 2020

Steps to reproduce:

  1. Create a user testagent with SSH keys in project/instance metadata.
  2. Wait for agent to create user & provision.
  3. Create a user agent with SSH keys in project/instance metadata.
  4. Observe keys for user agent written into /home/testagent/.ssh/authorized_keys

This occurs because the code for getPasswd only checks that the entry in /etc/passwd contains the username followed by :. Of course, it only occurs if the longer username is first in /etc/passwd and the shorter username is 2nd in the project/instance metadata.

I'll send a PR with a fix shortly.
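
Added example, not part of the original issue and not the guest-agent's own code: a Go sketch of the substring check the report describes next to a whole-field comparison, run over a constructed passwd file in which `testagent` precedes `agent`. The function names `homeDirContains` and `homeDirExact` and the sample entries are assumptions made for illustration.

```go
package main

import (
	"bufio"
	"fmt"
	"strings"
)

// Constructed sample: the longer name "testagent" is listed before "agent".
const samplePasswd = `root:x:0:0:root:/root:/bin/bash
testagent:x:1001:1002::/home/testagent:/bin/bash
agent:x:1002:1003::/home/agent:/bin/bash
`

// homeDirContains (hypothetical) mirrors the flawed check from the report:
// the first line containing "<user>:" anywhere is taken as that user's entry.
func homeDirContains(passwd, user string) (string, error) {
	sc := bufio.NewScanner(strings.NewReader(passwd))
	for sc.Scan() {
		line := sc.Text()
		if f := strings.Split(line, ":"); len(f) == 7 && strings.Contains(line, user+":") {
			return f[5], nil // home directory of whichever line matched first
		}
	}
	return "", fmt.Errorf("user %q not found", user)
}

// homeDirExact (hypothetical) accepts a line only when its entire first
// field equals the requested name, so "agent" never matches "testagent".
func homeDirExact(passwd, user string) (string, error) {
	sc := bufio.NewScanner(strings.NewReader(passwd))
	for sc.Scan() {
		f := strings.Split(sc.Text(), ":")
		if len(f) == 7 && f[0] == user {
			return f[5], nil
		}
	}
	return "", fmt.Errorf("user %q not found", user)
}

func main() {
	bad, _ := homeDirContains(samplePasswd, "agent")
	good, _ := homeDirExact(samplePasswd, "agent")
	fmt.Println("substring match resolves agent to:", bad)
	fmt.Println("exact field match resolves agent to:", good)
}
```

A regression test for this class of bug should list the longer username first, since the substring check returns the right entry when the order is reversed.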

Matir added a commit to Matir/guest-agent that referenced this issue Sep 30, 2020
This fixes GoogleCloudPlatform#80 where the username is checked with Contains, resulting in improper parsing when a username is a suffix of another username.
google-oss-robot pushed a commit that referenced this issue Oct 1, 2020
This fixes #80 where the username is checked with Contains, resulting in improper parsing when a username is a suffix of another username.
patelne pushed a commit to patelne/guest-agent that referenced this issue Feb 17, 2022
* add test wrapper

* address comments

* address comments

* fix build bug

* remove unused code

* address comment

* address pr feedback

Co-authored-by: Liam Hopkins <liamh@google.com>