d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
f7bd3d5cd8
freebsd-dev/libexec/rexecd
History
nectar 7612195da3 When PAM support was added to rexecd in revision 1.29 (just prior to 
5.0-RELEASE), a visually elusive bug was introduced.  A comparison
operator was changed to assignment.  As a result, rexecd behaved
always as if the `-i' option had been specified.  It would allow root
logins.  This commit corrects the situation in the obvious way.

A separate bug was introduced at the same time.  The PAM library
functions are called between the invocation of getpwnam(3) and the use
of the returned static object.  Since many PAM library functions
result in additional getpwnam(3) calls, the contents of the returned
static object could be changed from under rexecd.  With this commit,
getpwnam_r(3) is used instead.

Other PAM-using applications should be reviewed for similar errors in
getpw* usage.

Security:	rexecd's documented default policy of disallowing root
		logins was not enforced.
Reviewed by:	cperciva
2005-03-27 13:59:44 +00:00
..
Makefile Make WARNS=6-clean. 2005-02-23 17:13:28 +00:00
rexecd.8 Sort sections. 2005-01-18 09:29:40 +00:00
rexecd.c When PAM support was added to rexecd in revision 1.29 (just prior to 2005-03-27 13:59:44 +00:00