From owner-freebsd-bugs  Thu Apr 20  4: 0:12 2000
Delivered-To: freebsd-bugs@freebsd.org
Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21])
	by hub.freebsd.org (Postfix) with ESMTP id 3F08F37BDE3
	for <freebsd-bugs@FreeBSD.org>; Thu, 20 Apr 2000 04:00:02 -0700 (PDT)
	(envelope-from gnats@FreeBSD.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.9.3/8.9.2) id EAA37515;
	Thu, 20 Apr 2000 04:00:02 -0700 (PDT)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21])
	by hub.freebsd.org (Postfix) with ESMTP id 7C53337B851
	for <freebsd-gnats-submit@FreeBSD.org>; Thu, 20 Apr 2000 03:59:34 -0700 (PDT)
	(envelope-from nobody@FreeBSD.org)
Received: (from nobody@localhost)
	by freefall.freebsd.org (8.9.3/8.9.2) id DAA37471;
	Thu, 20 Apr 2000 03:59:34 -0700 (PDT)
	(envelope-from nobody@FreeBSD.org)
Message-Id: <200004201059.DAA37471@freefall.freebsd.org>
Date: Thu, 20 Apr 2000 03:59:34 -0700 (PDT)
From: noroi@mob.or.jp
To: freebsd-gnats-submit@FreeBSD.org
X-Send-Pr-Version: www-1.0
Subject: misc/18109: if pw_shell is empty(/bin/sh is assumed), cannot login via ssh.
Sender: owner-freebsd-bugs@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org


>Number:         18109
>Category:       misc
>Synopsis:       if pw_shell is empty(/bin/sh is assumed), cannot login via ssh.
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Apr 20 04:00:01 PDT 2000
>Closed-Date:
>Last-Modified:
>Originator:     IKEDA Kenji
>Release:        FreeBSD/i386 4.0-RELEASE
>Organization:
>Environment:
FreeBSD butch.sb.is.dnp.co.jp 4.0-RELEASE FreeBSD 4.0-RELEASE #1: Thu Apr 20 16:31:17 JST 2000     bnateam@butch.sb.is.dnp.co.jp:/usr/src/sys/compile/HASH  i386
>Description:
Whatever pw_shell field is empty, sshd check it.
>How-To-Repeat:
ssh login to the account that has empty pw_shell field.
>Fix:
--- /usr/src/crypto/openssh/sshd.c      Thu Mar  9 23:47:12 2000
+++ sshd.c      Thu Apr 20 19:36:28 2000
@@ -1211,11 +1211,13 @@
 	if (!pw)
 		return 0;
 
+	if (pw->pw_shell[0] != '\0') {
 	/* deny if shell does not exists or is not executable */
 	if (stat(pw->pw_shell, &st) != 0)
 		return 0;
 	if (!((st.st_mode & S_IFREG) && (st.st_mode & (S_IXOTH|S_IXUSR|S_IXGRP))))
 		return 0;
+	}
 
 	/* Return false if user is listed in DenyUsers */
 	if (options.num_deny_users > 0) {


>Release-Note:
>Audit-Trail:
>Unformatted:


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message