diff options
| author | Theo de Raadt <deraadt@cvs.openbsd.org> | 2000-05-17 21:37:25 +0000 |
|---|---|---|
| committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 2000-05-17 21:37:25 +0000 |
| commit | 715ea59f6afe197fac80665471b4b6bda447ed21 (patch) | |
| tree | e4a4cfd94d070ba4482cc854a217c061c99e9c75 /usr.bin | |
| parent | 275ee2782bed05bdb22f30e36af6b55529cb99dd (diff) | |
accept an empty shell in authentication; bug reported by chris@tinker.ucr.edu
Diffstat (limited to 'usr.bin')
| -rw-r--r-- | usr.bin/ssh/auth.c | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/usr.bin/ssh/auth.c b/usr.bin/ssh/auth.c index d3425a237a7..20e9760c428 100644 --- a/usr.bin/ssh/auth.c +++ b/usr.bin/ssh/auth.c @@ -5,7 +5,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth.c,v 1.6 2000/04/26 21:28:31 markus Exp $"); +RCSID("$OpenBSD: auth.c,v 1.7 2000/05/17 21:37:24 deraadt Exp $"); #include "xmalloc.h" #include "rsa.h" @@ -45,14 +45,21 @@ allowed_user(struct passwd * pw) { struct stat st; struct group *grp; + char *shell; int i; /* Shouldn't be called if pw is NULL, but better safe than sorry... */ if (!pw) return 0; + /* + * Get the shell from the password data. An empty shell field is + * legal, and means /bin/sh. + */ + shell = (pw->pw_shell[0] == '\0') ? _PATH_BSHELL : pw->pw_shell; + /* deny if shell does not exists or is not executable */ - if (stat(pw->pw_shell, &st) != 0) + if (stat(shell, &st) != 0) return 0; if (!((st.st_mode & S_IFREG) && (st.st_mode & (S_IXOTH|S_IXUSR|S_IXGRP)))) return 0; |