Date: Sun, 17 Jun 2001 09:26:19 +0200 (CEST) From: xaa@dohd.org To: FreeBSD-gnats-submit@freebsd.org Subject: bin/28224: ftpd doesn't honor invalid shelll in login class Message-ID: <20010617072619.669D65E07@tiggr.local.dohd.org>
next in thread | raw e-mail | index | archive | help
>Number: 28224 >Category: bin >Synopsis: ftpd doesn't honor invalid shelll in login class >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Sun Jun 17 00:30:03 PDT 2001 >Closed-Date: >Last-Modified: >Originator: Mark Huizer >Release: FreeBSD 5.0-CURRENT i386 >Organization: Via Net.Works Netherlands >Environment: System: FreeBSD tiggr.local.dohd.org 5.0-CURRENT FreeBSD 5.0-CURRENT #1: Sat Jun 2 10:41:56 MET DST 2001 xaa@eeyore.local.dohd.org:/usr2/sources/obj/usr2/sources/src/sys/tiggr i386 FreeBSD -current and probably all releases since at least 2.2.7 (see the 'closed' PR bin/9516) >Description: a user in a login class with an invalid shell (think 'lockout class') can ftp to his account without any trouble. >How-To-Repeat: create lockoutclass with /usr/bin/false as shell, change user to that class, ftp to his account >Fix: The old patch might still apply, but anyway, the idea is clear: patch to libexec/ftpd.c 772a773,775 > #ifdef LOGIN_CAP > login_cap_t *lc = NULL; > #endif 811a815,825 > #ifdef LOGIN_CAP > lc = login_getpwclass(pw); > if (lc == NULL) { > if ((shell = pw->pw_shell) == NULL || *shell == 0) > shell = _PATH_BSHELL; > } else { > shell = login_getcapstr(lc, "shell", pw->pw_shell, pw->pw_shell); > if (shell==NULL || *shell == 0) > shell = _PATH_BSHELL; > } > #else 813a828 > #endif >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010617072619.669D65E07>