summaryrefslogtreecommitdiff
path: root/libexec/rpc.yppasswdd/yppasswdd_mkpw.c
diff options
context:
space:
mode:
authorMats O Jansson <maja@cvs.openbsd.org>1998-01-28 21:20:38 +0000
committerMats O Jansson <maja@cvs.openbsd.org>1998-01-28 21:20:38 +0000
commit776c38f43a61c41140bdf104cc7be5850e05ea21 (patch)
tree480b79576eab46f9936572b8c42128a163ce886f /libexec/rpc.yppasswdd/yppasswdd_mkpw.c
parentb2f433aac11b3bab12a0c0e6d4cfd5750dac7c4c (diff)
Added futher checks... from theo -moj
Diffstat (limited to 'libexec/rpc.yppasswdd/yppasswdd_mkpw.c')
-rw-r--r--libexec/rpc.yppasswdd/yppasswdd_mkpw.c23
1 files changed, 21 insertions, 2 deletions
diff --git a/libexec/rpc.yppasswdd/yppasswdd_mkpw.c b/libexec/rpc.yppasswdd/yppasswdd_mkpw.c
index d5114f03f18..621e2a1e33f 100644
--- a/libexec/rpc.yppasswdd/yppasswdd_mkpw.c
+++ b/libexec/rpc.yppasswdd/yppasswdd_mkpw.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: yppasswdd_mkpw.c,v 1.16 1997/11/17 23:56:20 gene Exp $ */
+/* $OpenBSD: yppasswdd_mkpw.c,v 1.17 1998/01/28 21:20:37 maja Exp $ */
/*
* Copyright (c) 1994 Mats O Jansson <moj@stacken.kth.se>
@@ -32,7 +32,7 @@
*/
#ifndef LINT
-static char rcsid[] = "$OpenBSD: yppasswdd_mkpw.c,v 1.16 1997/11/17 23:56:20 gene Exp $";
+static char rcsid[] = "$OpenBSD: yppasswdd_mkpw.c,v 1.17 1998/01/28 21:20:37 maja Exp $";
#endif
#include <sys/param.h>
@@ -58,6 +58,23 @@ extern int make;
extern char make_arg[];
extern char *dir;
+char *
+ok_shell(name)
+ char *name;
+{
+ char *p, *sh;
+
+ setusershell();
+ while (sh = getusershell()) {
+ if (!strcmp(name, sh))
+ return (name);
+ /* allow just shell name, but use "real" path */
+ if ((p = strrchr(sh, '/')) && strcmp(name, p + 1) == 0)
+ return (sh);
+ }
+ return (NULL);
+}
+
int
badchars(base)
char *base;
@@ -169,6 +186,8 @@ make_passwd(argp)
goto fail;
if (!nogecos && badchars(argp->newpw.pw_shell))
goto fail;
+ if (!ok_shell(argp->newpw.pw_shell) || !ok_shell(pw.pw_shell))
+ goto fail;
/*
* Get the new password. Reset passwd change time to zero; when