From owner-cvs-all@FreeBSD.ORG  Sun Mar 27 13:59:44 2005
Return-Path: <owner-cvs-all@FreeBSD.ORG>
Delivered-To: cvs-all@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id ACDAD16A4CE; Sun, 27 Mar 2005 13:59:44 +0000 (GMT)
Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id 9082A43D2F; Sun, 27 Mar 2005 13:59:44 +0000 (GMT)
	(envelope-from nectar@FreeBSD.org)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.13.1/8.13.1) with ESMTP id j2RDxiGC050488;
	Sun, 27 Mar 2005 13:59:44 GMT
	(envelope-from nectar@repoman.freebsd.org)
Received: (from nectar@localhost)
	by repoman.freebsd.org (8.13.1/8.13.1/Submit) id j2RDxiF9050487;
	Sun, 27 Mar 2005 13:59:44 GMT
	(envelope-from nectar)
Message-Id: <200503271359.j2RDxiF9050487@repoman.freebsd.org>
From: Jacques Vidrine <nectar@FreeBSD.org>
Date: Sun, 27 Mar 2005 13:59:44 +0000 (UTC)
To: src-committers@FreeBSD.org, cvs-src@FreeBSD.org,
	cvs-all@FreeBSD.org
X-FreeBSD-CVS-Branch: HEAD
Subject: cvs commit: src/libexec/rexecd rexecd.c
X-BeenThere: cvs-all@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: CVS commit messages for the entire tree <cvs-all.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-all>,
	<mailto:cvs-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/cvs-all>
List-Post: <mailto:cvs-all@freebsd.org>
List-Help: <mailto:cvs-all-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-all>,
	<mailto:cvs-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 27 Mar 2005 13:59:44 -0000

nectar      2005-03-27 13:59:44 UTC

  FreeBSD src repository

  Modified files:
    libexec/rexecd       rexecd.c 
  Log:
  When PAM support was added to rexecd in revision 1.29 (just prior to
  5.0-RELEASE), a visually elusive bug was introduced.  A comparison
  operator was changed to assignment.  As a result, rexecd behaved
  always as if the `-i' option had been specified.  It would allow root
  logins.  This commit corrects the situation in the obvious way.
  
  A separate bug was introduced at the same time.  The PAM library
  functions are called between the invocation of getpwnam(3) and the use
  of the returned static object.  Since many PAM library functions
  result in additional getpwnam(3) calls, the contents of the returned
  static object could be changed from under rexecd.  With this commit,
  getpwnam_r(3) is used instead.
  
  Other PAM-using applications should be reviewed for similar errors in
  getpw* usage.
  
  Security:       rexecd's documented default policy of disallowing root
                  logins was not enforced.
  Reviewed by:    cperciva
  
  Revision  Changes    Path
  1.37      +17 -2     src/libexec/rexecd/rexecd.c