diff options
| author | Bob Beck <beck@cvs.openbsd.org> | 2002-11-22 18:06:49 +0000 |
|---|---|---|
| committer | Bob Beck <beck@cvs.openbsd.org> | 2002-11-22 18:06:49 +0000 |
| commit | 5f01139e9a19eab7f08d38e5fe0986bbcdc4314b (patch) | |
| tree | 72ab38acdda7ea9f5ca0bbe53cc9338c03b27773 | |
| parent | 290a24e19f735ad47e2396a1ed1dc13f43cac0ea (diff) | |
Disallow non-interactive sessions, to avoid problem of users scp'ing
to authpf gateway - noticed by Devan Reade <gdr@gno.org>, ok henning
| -rw-r--r-- | usr.sbin/authpf/authpf.c | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/usr.sbin/authpf/authpf.c b/usr.sbin/authpf/authpf.c index 44f1b34f1d9..4205f618075 100644 --- a/usr.sbin/authpf/authpf.c +++ b/usr.sbin/authpf/authpf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: authpf.c,v 1.26 2002/11/19 02:18:50 deraadt Exp $ */ +/* $OpenBSD: authpf.c,v 1.27 2002/11/22 18:06:48 beck Exp $ */ /* * Copyright (C) 1998 - 2002 Bob Beck (beck@openbsd.org). @@ -114,6 +114,11 @@ main(int argc, char *argv[]) if (config == NULL) exit(1); + if ((cp = getenv("SSH_TTY")) == NULL) { + syslog(LOG_ERR, "Non-interactive session connection for authpf"); + exit(1); + } + if ((cp = getenv("SSH_CLIENT")) == NULL) { syslog(LOG_ERR, "Can't determine connection source"); exit(1); |