diff options
| author | Markus Friedl <markus@cvs.openbsd.org> | 2000-06-05 19:53:41 +0000 |
|---|---|---|
| committer | Markus Friedl <markus@cvs.openbsd.org> | 2000-06-05 19:53:41 +0000 |
| commit | 4ad37d37142abb0b8e2221faae3ba1277fbce5f8 (patch) | |
| tree | e94b998c61de1a2b3fac1f99afea230897f347ef | |
| parent | 659793ca09a98aacc67bcdea8657f91a80f86d3a (diff) | |
allow use_login only for login sessions, otherwise remote commands are execed with uid==0
| -rw-r--r-- | usr.bin/ssh/session.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/usr.bin/ssh/session.c b/usr.bin/ssh/session.c index cfbe932ca27..34bdf8508f1 100644 --- a/usr.bin/ssh/session.c +++ b/usr.bin/ssh/session.c @@ -8,7 +8,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: session.c,v 1.16 2000/05/31 06:36:40 markus Exp $"); +RCSID("$OpenBSD: session.c,v 1.17 2000/06/05 19:53:40 markus Exp $"); #include "xmalloc.h" #include "ssh.h" @@ -747,6 +747,10 @@ do_child(const char *command, struct passwd * pw, const char *term, struct stat st; char *argv[10]; + /* login(1) is only called if we execute the login shell */ + if (options.use_login && command != NULL) + options.use_login = 0; + f = fopen("/etc/nologin", "r"); if (f) { /* /etc/nologin exists. Print its contents and exit. */ |