diff options
| author | Kris Kennaway <kris@FreeBSD.org> | 2000-06-10 22:32:57 +0000 |
|---|---|---|
| committer | Kris Kennaway <kris@FreeBSD.org> | 2000-06-10 22:32:57 +0000 |
| commit | 95e2a710ad374162e9b9f2de26a7547b702e4bb5 (patch) | |
| tree | 45ec2ed5a546574ae149b4f4bcd1c66700b19af6 /crypto/openssh | |
| parent | a931d243fa0e0eef0a29086792feef112dc4141e (diff) | |
| download | src-95e2a710ad374162e9b9f2de26a7547b702e4bb5.tar.gz src-95e2a710ad374162e9b9f2de26a7547b702e4bb5.zip | |
Fix security botch in "UseLogin Yes" case: commands are executed with
uid 0.
Obtained from: OpenBSD
Notes
Notes:
svn path=/head/; revision=61529
Diffstat (limited to 'crypto/openssh')
| -rw-r--r-- | crypto/openssh/session.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/crypto/openssh/session.c b/crypto/openssh/session.c index f4c615d23725..80fb49c6bb35 100644 --- a/crypto/openssh/session.c +++ b/crypto/openssh/session.c @@ -858,6 +858,10 @@ do_child(const char *command, struct passwd * pw, const char *term, struct stat st; char *argv[10]; + /* login(1) is only called if we execute the login shell */ + if (options.use_login && command != NULL) + options.use_login = 0; + #ifdef LOGIN_CAP login_cap_t *lc; |