aboutsummaryrefslogtreecommitdiffstats
path: root/security/heimdal
diff options
context:
space:
mode:
authornectar <nectar@FreeBSD.org>2001-11-01 03:57:35 +0800
committernectar <nectar@FreeBSD.org>2001-11-01 03:57:35 +0800
commit1a15da1619aa0355ef480ddd6ab12d348a558b28 (patch)
tree70a23465112cf8d9f869858765d6bec986bb0d65 /security/heimdal
parentdc41b47a7af69a085db87c7f8026ab3bae305e45 (diff)
downloadfreebsd-ports-graphics-1a15da1619aa0355ef480ddd6ab12d348a558b28.tar.gz
freebsd-ports-graphics-1a15da1619aa0355ef480ddd6ab12d348a558b28.tar.zst
freebsd-ports-graphics-1a15da1619aa0355ef480ddd6ab12d348a558b28.zip
su: Don't use the result of getlogin() to determine whether we are the
superuser. Always use getuid() instead. Submitted by: Johan Danielsson <joda@pdc.kth.se>
Diffstat (limited to 'security/heimdal')
-rw-r--r--security/heimdal/files/patch-appl::su::su.c46
1 files changed, 46 insertions, 0 deletions
diff --git a/security/heimdal/files/patch-appl::su::su.c b/security/heimdal/files/patch-appl::su::su.c
new file mode 100644
index 00000000000..1fa71c03819
--- /dev/null
+++ b/security/heimdal/files/patch-appl::su::su.c
@@ -0,0 +1,46 @@
+--- appl/su/su.c.orig Wed Aug 22 15:35:38 2001
++++ appl/su/su.c Wed Oct 31 13:14:50 2001
+@@ -152,7 +152,11 @@
+ #ifdef KRB5
+ krb5_error_code ret;
+ krb5_principal p;
++ char *login_name = NULL;
+
++#if defined(HAVE_GETLOGIN) && !defined(POSIX_GETLOGIN)
++ login_name = getlogin();
++#endif
+ ret = krb5_init_context (&context);
+ if (ret) {
+ #if 0
+@@ -161,9 +165,11 @@
+ return 1;
+ }
+
++ if (login_name == NULL || strcmp (login_name, "root") == 0)
++ login_name = login_info->pw_name;
+ if (strcmp (su_info->pw_name, "root") == 0)
+ ret = krb5_make_principal(context, &p, NULL,
+- login_info->pw_name,
++ login_name,
+ kerberos_instance,
+ NULL);
+ else
+@@ -282,7 +288,6 @@
+ int i, optind = 0;
+ char *su_user;
+ struct passwd *su_info;
+- char *login_user = NULL;
+ struct passwd *login_info;
+
+ struct passwd *pwd;
+@@ -325,10 +330,6 @@
+ if (su_info == NULL)
+ errx (1, "malloc: out of memory");
+
+-#if defined(HAVE_GETLOGIN) && !defined(POSIX_GETLOGIN)
+- login_user = getlogin();
+-#endif
+- if(login_user == NULL || (pwd = getpwnam(login_user)) == NULL)
+ pwd = getpwuid(getuid());
+ if(pwd == NULL)
+ errx(1, "who are you?");