freebsd-dev/libexec
Jacques Vidrine 0fcbbd7bea
When PAM support was added to rexecd in revision 1.29 (just prior to
5.0-RELEASE), a visually elusive bug was introduced.  A comparison
operator was changed to assignment.  As a result, rexecd behaved
always as if the `-i' option had been specified.  It would allow root
logins.  This commit corrects the situation in the obvious way.

A separate bug was introduced at the same time.  The PAM library
functions are called between the invocation of getpwnam(3) and the use
of the returned static object.  Since many PAM library functions
result in additional getpwnam(3) calls, the contents of the returned
static object could be changed from under rexecd.  With this commit,
getpwnam_r(3) is used instead.

Other PAM-using applications should be reviewed for similar errors in
getpw* usage.

Security:	rexecd's documented default policy of disallowing root
		logins was not enforced.
Reviewed by:	cperciva
2005-03-27 13:59:44 +00:00
atrun Fix a few cases that relied on 'implicit int' (constraint violation in C99). 2004-07-11 17:37:33 +00:00
bootpd Fix most cases where the address of an int is passed to a function expecting a 2005-02-14 17:42:58 +00:00
comsat Fix most cases where the address of an int is passed to a function expecting a 2005-02-14 17:42:58 +00:00
fingerd Fix most cases where the address of an int is passed to a function expecting a 2005-02-14 17:42:58 +00:00
ftp-proxy Add skeleton build dirs for pf userland: 2004-02-28 21:50:50 +00:00
ftpd Add some consistency checks to the signal-related code. 2005-02-16 11:35:51 +00:00
getty Sort sections. 2005-01-18 09:29:40 +00:00
lukemftpd NOPAM -> NO_PAM 2004-12-21 12:49:24 +00:00
mail.local Remove MAINTAINER= lines from individual Makefiles in favor of the 2003-07-07 03:54:04 +00:00
makekey Markup nit. 2004-05-16 22:11:56 +00:00
mknetid Expand *n't contractions. 2005-02-13 22:25:33 +00:00
pppoed Expand contractions. 2005-02-13 23:45:54 +00:00
pt_chown Let bsd.prog.mk set SRCS and MAN to their default values. 2005-01-28 16:08:11 +00:00
rbootd Avoid accidental use of ANSI C trigraphs. 2004-08-21 07:23:41 +00:00
revnetgroup Sync program's usage() with manpage's SYNOPSIS. 2005-02-09 20:36:12 +00:00
rexecd When PAM support was added to rexecd in revision 1.29 (just prior to 2005-03-27 13:59:44 +00:00
rlogind Fix most cases where the address of an int is passed to a function expecting a 2005-02-14 17:42:58 +00:00
rpc.rquotad Fix most cases where the address of an int is passed to a function expecting a 2005-02-14 17:42:58 +00:00
rpc.rstatd Fix most cases where the address of an int is passed to a function expecting a 2005-02-14 17:42:58 +00:00
rpc.rusersd Fix most cases where the address of an int is passed to a function expecting a 2005-02-14 17:42:58 +00:00
rpc.rwalld Fix most cases where the address of an int is passed to a function expecting a 2005-02-14 17:42:58 +00:00
rpc.sprayd Fix most cases where the address of an int is passed to a function expecting a 2005-02-14 17:42:58 +00:00
rshd Use sysconf(_SC_ARG_MAX) instead of NCARGS. 2005-03-21 08:01:14 +00:00
rtld-aout 64-bit clean + WARNS=6: 2005-01-14 12:22:57 +00:00
rtld-elf If "dangerous" environment variables (LD_PRELOAD, LD_LIBMAP, 2005-03-24 10:12:29 +00:00
save-entropy Start the dreaded NOFOO -> NO_FOO conversion. 2004-12-21 08:47:35 +00:00
smrsh Remove MAINTAINER= lines from individual Makefiles in favor of the 2003-07-07 03:54:04 +00:00
talkd Whitespace. 2004-06-14 22:44:13 +00:00
tcpd NOINET6 -> NO_INET6 2004-12-21 10:49:29 +00:00
telnetd NOCRYPT -> NO_CRYPT 2004-12-21 10:16:04 +00:00
tftpd - Use socklen_t. 2005-02-14 17:59:52 +00:00
ypxfr Expand *n't contractions. 2005-02-13 22:25:33 +00:00
Makefile Install rlogind(8). Pointy hat is available on request. 2005-03-03 15:59:32 +00:00
Makefile.inc Lock down with WFORMAT?=1, with overrides in the subdirectories which 2002-02-04 02:33:51 +00:00