Plug the hole where rshd would bypass a proper .rhosts check if the

password was empty. Reviewed by: Warner Losh <imp@freebsd.org>
2000-07-05 17:47:17 +00:00 · 2000-07-05 17:47:17 +00:00 · f2b5eea7aa
commit f2b5eea7aa
parent 09d308a828
1 changed files with 2 additions and 3 deletions
--- a/libexec/rshd/rshd.c
+++ b/libexec/rshd/rshd.c
@ -399,9 +399,8 @@ doit(fromp)

 		if (errorstr ||
 		    (pwd->pw_expire && time(NULL) >= pwd->pw_expire) ||
-		    (pwd->pw_passwd != 0 && *pwd->pw_passwd != '\0' &&
-		     iruserok_sa(fromp, fromp->su_len, pwd->pw_uid == 0,
-				 remuser, locuser) < 0)) {
+		    iruserok_sa(fromp, fromp->su_len, pwd->pw_uid == 0,
+				 remuser, locuser) < 0) {
 			if (__rcmd_errstr)
 				syslog(LOG_INFO|LOG_AUTH,
 			    "%s@%s as %s: permission denied (%s). cmd='%.80s'",