diff options
| -rw-r--r-- | usr.bin/ssh/auth.c | 13 |
1 files changed, 11 insertions, 2 deletions
diff --git a/usr.bin/ssh/auth.c b/usr.bin/ssh/auth.c index 1f0ba30baf7..df193f0760e 100644 --- a/usr.bin/ssh/auth.c +++ b/usr.bin/ssh/auth.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth.c,v 1.19 2001/03/02 18:54:31 deraadt Exp $"); +RCSID("$OpenBSD: auth.c,v 1.20 2001/03/17 17:27:59 markus Exp $"); #include "xmalloc.h" #include "match.h" @@ -50,7 +50,7 @@ int allowed_user(struct passwd * pw) { struct stat st; - char *shell; + char *shell, *cp; int i; /* Shouldn't be called if pw is NULL, but better safe than sorry... */ @@ -63,6 +63,15 @@ allowed_user(struct passwd * pw) */ shell = (pw->pw_shell[0] == '\0') ? _PATH_BSHELL : pw->pw_shell; + /* disallow anyone who does not have a standard shell */ + setusershell(); + while ((cp = getusershell()) != NULL) + if (strcmp(cp, shell) == 0) + break; + endusershell(); + if (cp == NULL) + return 0; + /* deny if shell does not exists or is not executable */ if (stat(shell, &st) != 0) return 0; |