- (djm) [loginrec.c] Relax permission requirement on btmp logs to allow

group read/write. ok dtucker@
author: Damien Miller <djm@mindrot.org> 2010-11-24 10:36:15 +1100
committer: Damien Miller <djm@mindrot.org> 2010-11-24 10:36:15 +1100
commit: 88e341e1ca9502403242a275941b11e509f669fb (patch)
tree: c431601d3544e14ddbbeb24764c68648aa3a9f1e
parent: d995712383c043c4f9d8ca52363e6e1df128dc72 (diff)
2 files changed, 3 insertions, 1 deletions
diff --git a/ChangeLog b/ChangeLog
index 62c9c666..91e2c892 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,6 +1,8 @@
 20101124
  - (dtucker) [platform.c session.c] Move the getluid call out of session.c and
    into the platform-specific code  Only affects SCO, tested by and ok tim@.
+ - (djm) [loginrec.c] Relax permission requirement on btmp logs to allow
+   group read/write. ok dtucker@
 
 20101122
  - (dtucker) Bug #1840: fix warning when configuring --with-ssl-engine, patch
diff --git a/loginrec.c b/loginrec.c
index 95f14c46..cccaa47a 100644
--- a/loginrec.c
+++ b/loginrec.c
@@ -1673,7 +1673,7 @@ record_failed_login(const char *username, const char *hostname,
 		    strerror(errno));
 		goto out;
 	}
-	if((fst.st_mode & (S_IRWXG | S_IRWXO)) || (fst.st_uid != 0)){
+	if((fst.st_mode & (S_IXGRP | S_IRWXO)) || (fst.st_uid != 0)){
 		logit("Excess permission or bad ownership on file %s",
 		    _PATH_BTMP);
 		goto out;
author	Damien Miller <djm@mindrot.org>	2010-11-24 10:36:15 +1100
committer	Damien Miller <djm@mindrot.org>	2010-11-24 10:36:15 +1100
commit	88e341e1ca9502403242a275941b11e509f669fb (patch)
tree	c431601d3544e14ddbbeb24764c68648aa3a9f1e
parent	d995712383c043c4f9d8ca52363e6e1df128dc72 (diff)