diff options
author | Mats O Jansson <maja@cvs.openbsd.org> | 1998-01-28 21:20:38 +0000 |
---|---|---|
committer | Mats O Jansson <maja@cvs.openbsd.org> | 1998-01-28 21:20:38 +0000 |
commit | 776c38f43a61c41140bdf104cc7be5850e05ea21 (patch) | |
tree | 480b79576eab46f9936572b8c42128a163ce886f /libexec/rpc.yppasswdd/yppasswdd_mkpw.c | |
parent | b2f433aac11b3bab12a0c0e6d4cfd5750dac7c4c (diff) |
Added futher checks... from theo -moj
Diffstat (limited to 'libexec/rpc.yppasswdd/yppasswdd_mkpw.c')
-rw-r--r-- | libexec/rpc.yppasswdd/yppasswdd_mkpw.c | 23 |
1 files changed, 21 insertions, 2 deletions
diff --git a/libexec/rpc.yppasswdd/yppasswdd_mkpw.c b/libexec/rpc.yppasswdd/yppasswdd_mkpw.c index d5114f03f18..621e2a1e33f 100644 --- a/libexec/rpc.yppasswdd/yppasswdd_mkpw.c +++ b/libexec/rpc.yppasswdd/yppasswdd_mkpw.c @@ -1,4 +1,4 @@ -/* $OpenBSD: yppasswdd_mkpw.c,v 1.16 1997/11/17 23:56:20 gene Exp $ */ +/* $OpenBSD: yppasswdd_mkpw.c,v 1.17 1998/01/28 21:20:37 maja Exp $ */ /* * Copyright (c) 1994 Mats O Jansson <moj@stacken.kth.se> @@ -32,7 +32,7 @@ */ #ifndef LINT -static char rcsid[] = "$OpenBSD: yppasswdd_mkpw.c,v 1.16 1997/11/17 23:56:20 gene Exp $"; +static char rcsid[] = "$OpenBSD: yppasswdd_mkpw.c,v 1.17 1998/01/28 21:20:37 maja Exp $"; #endif #include <sys/param.h> @@ -58,6 +58,23 @@ extern int make; extern char make_arg[]; extern char *dir; +char * +ok_shell(name) + char *name; +{ + char *p, *sh; + + setusershell(); + while (sh = getusershell()) { + if (!strcmp(name, sh)) + return (name); + /* allow just shell name, but use "real" path */ + if ((p = strrchr(sh, '/')) && strcmp(name, p + 1) == 0) + return (sh); + } + return (NULL); +} + int badchars(base) char *base; @@ -169,6 +186,8 @@ make_passwd(argp) goto fail; if (!nogecos && badchars(argp->newpw.pw_shell)) goto fail; + if (!ok_shell(argp->newpw.pw_shell) || !ok_shell(pw.pw_shell)) + goto fail; /* * Get the new password. Reset passwd change time to zero; when |