- itojun@cvs.openbsd.org 2002/03/15 11:00:38

     [auth.c]
     fix file type checking (use S_ISREG).  ok by markus

2 files changed, 7 insertions, 3 deletions

diff --git a/ChangeLog b/ChangeLog
index 7db349fd6..2c670f358 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -18,6 +18,9 @@
    - markus@cvs.openbsd.org 2002/03/14 16:56:33
      [auth-rh-rsa.c auth-rsa.c auth.h]
      split auth_rsa() for better readability and privsep; ok provos@
+   - itojun@cvs.openbsd.org 2002/03/15 11:00:38
+     [auth.c]
+     fix file type checking (use S_ISREG).  ok by markus
 
 20020317
  - (tim) [configure.ac] Assume path given with --with-pid-dir=PATH is wanted,
@@ -7864,4 +7867,4 @@
  - Wrote replacements for strlcpy and mkdtemp
  - Released 1.0pre1
 
-$Id: ChangeLog,v 1.1929 2002/03/22 01:12:58 mouring Exp $
+$Id: ChangeLog,v 1.1930 2002/03/22 01:15:33 mouring Exp $
diff --git a/auth.c b/auth.c
index 26dce5b67..de004515f 100644
--- a/auth.c
+++ b/auth.c
@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth.c,v 1.35 2002/03/01 13:12:10 markus Exp $");
+RCSID("$OpenBSD: auth.c,v 1.36 2002/03/15 11:00:38 itojun Exp $");
 
 #ifdef HAVE_LOGIN_H
 #include <login.h>
@@ -110,7 +110,8 @@ allowed_user(struct passwd * pw)
                     pw->pw_name, shell);
                 return 0;
         }
-        if (!((st.st_mode & S_IFREG) && (st.st_mode & (S_IXOTH|S_IXUSR|S_IXGRP)))) {
+        if (S_ISREG(st.st_mode) == 0 ||
+            (st.st_mode & (S_IXOTH|S_IXUSR|S_IXGRP)) == 0) {
                 log("User %.100s not allowed because shell %.100s is not executable",
                     pw->pw_name, shell);
                 return 0;