author | Darren Tucker <dtucker@zip.com.au> | 2010-01-15 11:44:46 +1100 |
---|---|---|
committer | Darren Tucker <dtucker@zip.com.au> | 2010-01-15 11:44:46 +1100 |
commit | 94881d8dbb228e170d476d35fb523425c0c4c001 (patch) | |
tree | d6f689ab3d1ff6eccbf79cf70f5995b0c0ba7d33 /auth.c | |
parent | 75fe626489bbafd966332db1b4801fee0c179ffd (diff) |
- djm@cvs.openbsd.org 2010/01/13 23:47:26
[auth.c]
when using ChrootDirectory, make sure we test for the existence of the
user's shell inside the chroot; bz #1679, patch from alex AT rtfs.hu;
ok dtucker
Diffstat (limited to 'auth.c')
-rw-r--r-- | auth.c | 26 |
1 files changed, 23 insertions, 3 deletions
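--- a/auth.c
+++ b/auth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth.c,v 1.82 2010/01/13 00:19:04 dtucker Exp $ */
+/* $OpenBSD: auth.c,v 1.83 2010/01/13 23:47:26 djm Exp $ */
 /*
 * Copyright (c) 2000 Markus Friedl. All rights reserved.
 *
@@ -95,7 +95,7 @@ allowed_user(struct passwd * pw)
 {
 struct stat st;
 const char *hostname = NULL, *ipaddr = NULL, *passwd = NULL;
-char *shell;
+char *shell, *tmp, *chroot_path;
 u_int i;
 #ifdef USE_SHADOW
 struct spwd *spw = NULL;
@@ -156,20 +156,40 @@ allowed_user(struct passwd * pw)
 * Get the shell from the password data. An empty shell field is
 * legal, and means /bin/sh.
 */
-shell = (pw->pw_shell[0] == '\0') ? _PATH_BSHELL : pw->pw_shell;
+shell = xstrdup((pw->pw_shell[0] == '\0') ?
+_PATH_BSHELL : pw->pw_shell);
+
+/*
+* Amend shell if chroot is requested.
+*/
+if (options.chroot_directory != NULL &&
+strcasecmp(options.chroot_directory, "none") != 0) {
+tmp = tilde_expand_filename(options.chroot_directory,
+pw->pw_uid);
+chroot_path = percent_expand(tmp, "h", pw->pw_dir,
+"u", pw->pw_name, (char *)NULL);
+xfree(tmp);
+xasprintf(&tmp, "%s/%s", chroot_path, shell);
+xfree(shell);
+shell = tmp;
+free(chroot_path);
+}
 
 /* deny if shell does not exists or is not executable */
 if (stat(shell, &st) != 0) {
 logit("User %.100s not allowed because shell %.100s does not exist",
 pw->pw_name, shell);
+xfree(shell);
 return 0;
 }
 if (S_ISREG(st.st_mode) == 0 ||
 (st.st_mode & (S_IXOTH|S_IXUSR|S_IXGRP)) == 0) {
 logit("User %.100s not allowed because shell %.100s is not executable",
 pw->pw_name, shell);
+xfree(shell);
 return 0;
 }
+xfree(shell);
 
 if (options.num_deny_users > 0 || options.num_allow_users > 0 ||
 options.num_deny_groups > 0 || options.num_allow_groups > 0) {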
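Review bot: The `stat(shell, &st)` check in the third hunk runs on the joined path `chroot_path/shell` before any chroot() has happened, so a symlink anywhere in that path is resolved against the real root rather than the chroot. The allow/deny decision can therefore differ from what the session actually finds once it is confined. A comment above the check would make that limit explicit, e.g. `/* NB: evaluated before chroot(); symlinks under chroot_path resolve against the real root */`. Separately, `free(chroot_path);` is the only release in the hunk that bypasses the wrapper used for `tmp` and `shell`; `xfree(chroot_path);` would keep the function consistent. allowed_user() begins and ends outside the hunks shown, so the later return paths could not be checked against the newly allocated `shell`.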