Date: Thu, 20 Apr 2000 03:59:34 -0700 (PDT) From: noroi@mob.or.jp To: freebsd-gnats-submit@FreeBSD.org Subject: misc/18109: if pw_shell is empty(/bin/sh is assumed), cannot login via ssh. Message-ID: <200004201059.DAA37471@freefall.freebsd.org>
index | next in thread | raw e-mail
>Number: 18109
>Category: misc
>Synopsis: if pw_shell is empty(/bin/sh is assumed), cannot login via ssh.
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Thu Apr 20 04:00:01 PDT 2000
>Closed-Date:
>Last-Modified:
>Originator: IKEDA Kenji
>Release: FreeBSD/i386 4.0-RELEASE
>Organization:
>Environment:
FreeBSD butch.sb.is.dnp.co.jp 4.0-RELEASE FreeBSD 4.0-RELEASE #1: Thu Apr 20 16:31:17 JST 2000 bnateam@butch.sb.is.dnp.co.jp:/usr/src/sys/compile/HASH i386
>Description:
Whatever pw_shell field is empty, sshd check it.
>How-To-Repeat:
ssh login to the account that has empty pw_shell field.
>Fix:
--- /usr/src/crypto/openssh/sshd.c Thu Mar 9 23:47:12 2000
+++ sshd.c Thu Apr 20 19:36:28 2000
@@ -1211,11 +1211,13 @@
if (!pw)
return 0;
+ if (pw->pw_shell[0] != '\0') {
/* deny if shell does not exists or is not executable */
if (stat(pw->pw_shell, &st) != 0)
return 0;
if (!((st.st_mode & S_IFREG) && (st.st_mode & (S_IXOTH|S_IXUSR|S_IXGRP))))
return 0;
+ }
/* Return false if user is listed in DenyUsers */
if (options.num_deny_users > 0) {
>Release-Note:
>Audit-Trail:
>Unformatted:
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message
help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200004201059.DAA37471>