From owner-freebsd-security Fri Jun 22 7:37:29 2001
Message-Id: <5.1.0.14.0.20010622103016.03639890@marble.sentex.ca>
Date: Fri, 22 Jun 2001 10:31:55 -0400
To: freebsd-security@FreeBSD.ORG
From: Mike Tancsa
Subject: patch to fix expire security hole ?

Is this a possible fix for ftpd so that the expire field is checked ?

---Mike

diff -u ftpd.c.orig ftpd.c --- ftpd.c.orig Fri Jun 22 10:29:02 2001 +++ ftpd.c Fri Jun 22 10:40:38 2001 @@ -1215,11 +1215,11 @@ #else rval = strcmp(pw->pw_passwd, crypt(passwd, pw->pw_passwd)); #endif +skip: /* The strcmp does not catch null passwords! */ if (*pw->pw_passwd == '\0' || (pw->pw_expire && time(NULL) >= pw->pw_expire)) rval = 1; /* failure */ -skip: /* * If rval == 1, the user failed the authentication check * above. If rval == 0, either PAM or local authentication
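Review bot: The relocated `skip:` label pulls the null-password test `*pw->pw_passwd == '\0'` into the jump path together with the expiry test, which is wider than the stated goal of checking the expire field. Any code that jumps to `skip` after authenticating by a means other than the local hash (the trailing comment mentions "either PAM or local authentication") would now be forced to `rval = 1` whenever the local `pw_passwd` field is empty, even though the local hash was never the credential being verified. The `goto` sites are not visible in this hunk, so confirm what `pw` holds on each of them. A narrower change would leave the null-password test above the label, where it guards only the `strcmp` result, and place a separate `if (pw->pw_expire && time(NULL) >= pw->pw_expire) rval = 1;` directly after `skip:`. If the label does stay above both tests, the comment "The strcmp does not catch null passwords!" should be reworded, since the block is then also reached by paths that never ran the `strcmp`.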