usermod: Guard against unsafe change of ownership of home directory content
authorTomas Mraz <tmraz@fedoraproject.org>
Tue, 18 Dec 2018 15:32:13 +0000 (16:32 +0100)
committerTomas Mraz <tmraz@fedoraproject.org>
Tue, 18 Dec 2018 15:32:13 +0000 (16:32 +0100)
In case the home directory is not a real home directory
(owned by the user) but things like / or /var or similar,
it is unsafe to change ownership of home directory content.

The test checks whether the home directory is owned by the
user him/herself; if not, no ownership modification of contents
is performed.

src/usermod.c

index 72eeb8b2eddfdd35270e39817589a91b19ac1ffe..68775272d3c767aa040efe731aa57bbd866c505e 100644 (file)
@@ -2313,7 +2313,10 @@ int main (int argc, char **argv)
        }
 
        if (!mflg && (uflg || gflg)) {
-               if (access (dflg ? prefix_user_newhome : prefix_user_home, F_OK) == 0) {
+               struct stat sb;
+
+               if (stat (dflg ? prefix_user_newhome : prefix_user_home, &sb) == 0 &&
+                       ((uflg && sb.st_uid == user_newid) || sb.st_uid == user_id)) {
                        /*
                         * Change the UID on all of the files owned by
                         * `user_id' to `user_newid' in the user's home
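Review bot: The new guard on the `stat ()` line tests only `sb.st_uid`, so any existing path owned by the user passes, including one that is not a directory; adding `S_ISDIR (sb.st_mode) &&` ahead of the ownership test would match what the commit message describes. The `uflg && sb.st_uid == user_newid` arm also accepts a directory already owned by the target UID, which may belong to a different account if that UID is shared, so a one-line comment such as `/* also accept newid: home may already have been re-owned */` (or whatever the real reason is) should state why it is needed. The check is made by path and `stat ()` follows symlinks, so the result is not bound to the tree that the ownership change later walks; that code and the rest of `main ()` lie outside the hunk, so this is worth confirming there. When the test fails the ownership change appears to be skipped without any message, and a warning to the administrator would make the leftover old-UID files visible.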