Date: Mon, 24 Sep 2001 13:39:26 +0400 From: "Andrey A. Chernov" <ache@nagual.pp.ru> To: Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca> Cc: Robert Watson <rwatson@FreeBSD.ORG>, security@FreeBSD.ORG, current@FreeBSD.ORG, developers@FreeBSD.ORG, security-officer@FreeBSD.ORG Subject: Re: Patch for review (was Re: ~/.login_conf disabling exact reasons wanted) Message-ID: <20010924133925.A58403@nagual.pp.ru> In-Reply-To: <200109240003.f8O037701400@cwsys.cwsent.com> References: <20010923161354.A426@nagual.pp.ru> <200109240003.f8O037701400@cwsys.cwsent.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Sep 23, 2001 at 17:02:41 -0700, Cy Schubert - ITSD Open Systems Group wrote: > > After applying the patch and building world the following are logged to > syslog. Last minute mistake from my side. Try this one instead: --- login_cap.c.old Sun Sep 23 16:09:04 2001 +++ login_cap.c Mon Sep 24 13:32:45 2001 @@ -184,18 +184,17 @@ login_cap_t *lc; if ((lc = malloc(sizeof(login_cap_t))) != NULL) { - int r, i = 0; + int r, me, i = 0; uid_t euid = 0; gid_t egid = 0; const char *msg = NULL; - const char *dir = (pwd == NULL) ? NULL : pwd->pw_dir; + const char *dir; char userpath[MAXPATHLEN]; static char *login_dbarray[] = { NULL, NULL, NULL }; -#ifndef _FILE_LOGIN_CONF_WORKS - dir = NULL; -#endif + me = (name != NULL && strcmp(name, LOGIN_MECLASS) == 0); + dir = (!me || pwd == NULL) ? NULL : pwd->pw_dir; /* * Switch to user mode before checking/reading its ~/.login_conf * - some NFSes have root read access disabled. @@ -227,7 +226,7 @@ switch (cgetent(&lc->lc_cap, login_dbarray, (char*)name)) { case -1: /* Failed, entry does not exist */ - if (strcmp(name, LOGIN_MECLASS) == 0) + if (me) break; /* Don't retry default on 'me' */ if (i == 0) r = -1; -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010924133925.A58403>