Don't bypass password prompt for root logins on insecure tty if

the root password is empty.
1997-03-25 05:15:04 +00:00 · 1997-03-25 05:15:04 +00:00 · f257ef4b88
commit f257ef4b88
parent 5dc5a09bf1
1 changed files with 5 additions and 3 deletions
--- a/usr.bin/login/login.c
+++ b/usr.bin/login/login.c
@ -350,9 +350,11 @@ main(argc, argv)
 				/* already authenticated */
 				break;
 			} else if (pwd->pw_passwd[0] == '\0') {
-				/* pretend password okay */
-				rval = 0;
-				goto ttycheck;
+				if (rootlogin && !rootok) {
+					/* pretend password okay */
+					rval = 0;
+					goto ttycheck;
+				}
 			}
 		}