diff options
author | Damien Miller <djm@mindrot.org> | 2000-05-19 00:03:23 +1000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2000-05-19 00:03:23 +1000 |
commit | ef7df540735d5ee8889f7f87cc74fc4ec5f4e260 (patch) | |
tree | 1609226853230fa95f88c03b9e69b506558a7acb /auth.c | |
parent | 912d9752c29b8d39c59a164da26fccc28636f951 (diff) |
- Include Andre Lucas' fixprogs script. Forgot to "cvs add" it yesterday
- OpenBSD CVS updates:
- markus@cvs.openbsd.org
[sshconnect.c]
copy only ai_addrlen bytes; misiek@pld.org.pl
[auth.c]
accept an empty shell in authentication; bug reported by
chris@tinker.ucr.edu
[serverloop.c]
we don't have stderr for interactive terminal sessions (fcntl errors)
Diffstat (limited to 'auth.c')
-rw-r--r-- | auth.c | 12 |
1 files changed, 10 insertions, 2 deletions
@@ -5,7 +5,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth.c,v 1.6 2000/04/26 21:28:31 markus Exp $"); +RCSID("$OpenBSD: auth.c,v 1.7 2000/05/17 21:37:24 deraadt Exp $"); #include "xmalloc.h" #include "rsa.h" @@ -48,6 +48,7 @@ allowed_user(struct passwd * pw) { struct stat st; struct group *grp; + char *shell; int i; #ifdef WITH_AIXAUTHENTICATE char *loginmsg; @@ -58,7 +59,14 @@ allowed_user(struct passwd * pw) return 0; /* deny if shell does not exists or is not executable */ - if (stat(pw->pw_shell, &st) != 0) + /* + * Get the shell from the password data. An empty shell field is + * legal, and means /bin/sh. + */ + shell = (pw->pw_shell[0] == '\0') ? _PATH_BSHELL : pw->pw_shell; + + /* deny if shell does not exists or is not executable */ + if (stat(shell, &st) != 0) return 0; if (!((st.st_mode & S_IFREG) && (st.st_mode & (S_IXOTH|S_IXUSR|S_IXGRP)))) return 0; |