Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 23 Feb 2004 11:11:58 -0800
From:      Tim Kientzle <tim@kientzle.com>
To:        kientzle@acm.org
Cc:        Colin Percival <cperciva@FreeBSD.org>
Subject:   Re: login -p
Message-ID:  <403A507E.4010403@kientzle.com>
In-Reply-To: <403A4730.80302@kientzle.com>
References:  <200402221003.i1MA3PW0024791@repoman.freebsd.org> <403944D8.6050107@kientzle.com> <20040223025647.GA43467@VARK.homeunix.com> <40397824.3080607@kientzle.com> <20040223052110.GA58255@VARK.homeunix.com> <40399858.8060506@kientzle.com> <20040223075448.GA59307@VARK.homeunix.com> <403A4730.80302@kientzle.com>
index | next in thread | previous in thread | raw e-mail 

[-- Attachment #1 --]
Tim Kientzle wrote:
> 
> The attached patch implements this suggestion.
> I just copied "chshell" from su (shouldn't some version
> of this be in libc?) and made the obvious change.

Patch file now uses the shiny -u flag for
improved readability!

<sigh>

Tim

[-- Attachment #2 --]
Index: login.c
===================================================================
RCS file: /home/ncvs/src/usr.bin/login/login.c,v
retrieving revision 1.98
diff -u -r1.98 login.c
--- login.c	26 Jan 2004 20:04:47 -0000	1.98
+++ login.c	23 Feb 2004 19:07:17 -0000
@@ -84,6 +84,7 @@
 
 static int		 auth_pam(void);
 static void		 bail(int, int);
+static int		 chshell(const char *);
 static int		 export(const char *);
 static void		 export_pam_environment(void);
 static int		 motd(const char *);
@@ -465,10 +466,12 @@
 
 	/*
 	 * Destroy environment unless user has requested its
-	 * preservation - but preserve TERM in all cases
+	 * preservation or the user has a non-standard shell.  In
+	 * particular, this prevents environment-poisoning exploits
+	 * against nologin scripts.  Preserve TERM in all cases.
 	 */
 	term = getenv("TERM");
-	if (!pflag)
+	if (!pflag || !chshell(shell))
 		environ = envinit;
 	if (term != NULL)
 		setenv("TERM", term, 0);
@@ -933,4 +936,22 @@
 	pam_cleanup();
 	(void)sleep(sec);
 	exit(eval);
+}
+
+/*
+ * Return TRUE if the shell is a "standard" shell.
+ * (That is, one listed in /etc/shells.)
+ */
+static int
+chshell(const char *sh)
+{
+        int r;
+        const char *cp;
+
+        r = 0;
+        setusershell();
+        while ((cp = getusershell()) != NULL && !r)
+            r = (strcmp(cp, sh) == 0);
+        endusershell();
+        return r;
 }
help

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?403A507E.4010403>