emo/shadow
1
0
Fork 0
Code Issues Pull Requests Packages Releases Activity

* src/login.c: Added comment to make sure PAM_RHOST or PAM_TTY do

Browse Source 
not get set to unsanitized values.
This commit is contained in:
nekral-guest 2009-04-19 13:33:24 +00:00
parent d2a822fe39
commit 8156c3b0be
2 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
ChangeLog
View File

@ -1,3 +1,8 @@
2009-04-19 Nicolas François <nicolas.francois@centraliens.net>
* src/login.c: Added comment to make sure PAM_RHOST or PAM_TTY do
not get set to unsanitized values.
2009-04-17 Paul Szabo <psz@maths.usyd.edu.au> 2009-04-17 Paul Szabo <psz@maths.usyd.edu.au>
* NEWS, src/login.c: Do not trust the current utmp entry's ut_line * NEWS, src/login.c: Do not trust the current utmp entry's ut_line

3
src/login.c
View File

@ -657,6 +657,9 @@ int main (int argc, char **argv)
* hostname & tty are either set to NULL or their correct values, * hostname & tty are either set to NULL or their correct values,
* depending on how much we know. We also set PAM's fail delay to * depending on how much we know. We also set PAM's fail delay to
* ours. * ours.
*
* PAM_RHOST and PAM_TTY are used for authentication, only use
* information coming from login or from the caller (e.g. no utmp)
*/ */
retcode = pam_set_item (pamh, PAM_RHOST, hostname); retcode = pam_set_item (pamh, PAM_RHOST, hostname);
PAM_FAIL_CHECK; PAM_FAIL_CHECK;