Make sure that the user name cannot ever be interpreted as an option to
login(8). Note: This does *not* fix any security holes.
This commit is contained in:
mycroft
parent
718ac5d246
commit
90f0c26840
@ -39,7 +39,7 @@ static char copyright[] =
|
|||||||
|
|
||||||
#ifndef lint
|
#ifndef lint
|
||||||
/* from: static char sccsid[] = "@(#)rlogind.c 8.1 (Berkeley) 6/4/93"; */
|
/* from: static char sccsid[] = "@(#)rlogind.c 8.1 (Berkeley) 6/4/93"; */
|
||||||
static char *rcsid = "$Id: rlogind.c,v 1.6 1994/06/05 13:57:52 cgd Exp $";
|
static char *rcsid = "$Id: rlogind.c,v 1.7 1996/02/08 06:05:31 mycroft Exp $";
|
||||||
#endif /* not lint */
|
#endif /* not lint */
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@ -239,13 +239,12 @@ doit(f, fromp)
|
|||||||
if (f > 2) /* f should always be 0, but... */
|
if (f > 2) /* f should always be 0, but... */
|
||||||
(void) close(f);
|
(void) close(f);
|
||||||
setup_term(0);
|
setup_term(0);
|
||||||
if (authenticated) {
|
if (authenticated)
|
||||||
|
|
||||||
execl(_PATH_LOGIN, "login", "-p",
|
execl(_PATH_LOGIN, "login", "-p",
|
||||||
"-h", hostname, "-f", lusername, (char *)NULL);
|
"-h", hostname, "-f", "--", lusername, (char *)0);
|
||||||
} else
|
else
|
||||||
execl(_PATH_LOGIN, "login", "-p",
|
execl(_PATH_LOGIN, "login", "-p",
|
||||||
"-h", hostname, lusername, (char *)NULL);
|
"-h", hostname, "--", lusername, (char *)0);
|
||||||
fatal(STDERR_FILENO, _PATH_LOGIN, 1);
|
fatal(STDERR_FILENO, _PATH_LOGIN, 1);
|
||||||
/*NOTREACHED*/
|
/*NOTREACHED*/
|
||||||
}
|
}
|
||||||
|
|||||||
@ -33,7 +33,7 @@
|
|||||||
|
|
||||||
#ifndef lint
|
#ifndef lint
|
||||||
/* from: static char sccsid[] = "@(#)sys_term.c 8.1 (Berkeley) 6/4/93"; */
|
/* from: static char sccsid[] = "@(#)sys_term.c 8.1 (Berkeley) 6/4/93"; */
|
||||||
static char *rcsid = "$Id: sys_term.c,v 1.4 1994/12/23 14:29:46 cgd Exp $";
|
static char *rcsid = "$Id: sys_term.c,v 1.5 1996/02/08 06:10:52 mycroft Exp $";
|
||||||
#endif /* not lint */
|
#endif /* not lint */
|
||||||
|
|
||||||
#include "telnetd.h"
|
#include "telnetd.h"
|
||||||
@ -1590,6 +1590,7 @@ start_login(host, autologin, name)
|
|||||||
if (auth_level >= 0 && autologin == AUTH_VALID) {
|
if (auth_level >= 0 && autologin == AUTH_VALID) {
|
||||||
# if !defined(NO_LOGIN_F)
|
# if !defined(NO_LOGIN_F)
|
||||||
argv = addarg(argv, "-f");
|
argv = addarg(argv, "-f");
|
||||||
|
argv = addarg(argv, "--");
|
||||||
argv = addarg(argv, name);
|
argv = addarg(argv, name);
|
||||||
# else
|
# else
|
||||||
# if defined(LOGIN_R)
|
# if defined(LOGIN_R)
|
||||||
@ -1662,12 +1663,14 @@ start_login(host, autologin, name)
|
|||||||
pty = xpty;
|
pty = xpty;
|
||||||
}
|
}
|
||||||
# else
|
# else
|
||||||
|
argv = addarg(argv, "--");
|
||||||
argv = addarg(argv, name);
|
argv = addarg(argv, name);
|
||||||
# endif
|
# endif
|
||||||
# endif
|
# endif
|
||||||
} else
|
} else
|
||||||
#endif
|
#endif
|
||||||
if (getenv("USER")) {
|
if (getenv("USER")) {
|
||||||
|
argv = addarg(argv, "--");
|
||||||
argv = addarg(argv, getenv("USER"));
|
argv = addarg(argv, getenv("USER"));
|
||||||
#if defined(LOGIN_ARGS) && defined(NO_LOGIN_P)
|
#if defined(LOGIN_ARGS) && defined(NO_LOGIN_P)
|
||||||
{
|
{
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user