diff options
author | nectar <nectar@FreeBSD.org> | 2002-01-15 19:25:55 +0000 |
---|---|---|
committer | nectar <nectar@FreeBSD.org> | 2002-01-15 19:25:55 +0000 |
commit | 8db4cdb3da4228a5d93635e43825e2e8a2f66db7 (patch) | |
tree | d6ca9f0c9516f1e2034db231685b990112d2c5d6 /crypto | |
parent | 0c8fa354358381b3f1b92598e7f1b46f8cf744cc (diff) | |
download | FreeBSD-src-8db4cdb3da4228a5d93635e43825e2e8a2f66db7.zip FreeBSD-src-8db4cdb3da4228a5d93635e43825e2e8a2f66db7.tar.gz |
Don't use getlogin() to determine whether we are root.
(Import of vendor fix.)
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/heimdal/appl/su/su.c | 13 |
1 files changed, 7 insertions, 6 deletions
diff --git a/crypto/heimdal/appl/su/su.c b/crypto/heimdal/appl/su/su.c index b43894b..7dc0c7a 100644 --- a/crypto/heimdal/appl/su/su.c +++ b/crypto/heimdal/appl/su/su.c @@ -138,7 +138,11 @@ krb5_verify(struct passwd *login_info, struct passwd *su_info, #ifdef KRB5 krb5_error_code ret; krb5_principal p; + char *login_name = NULL; +#if defined(HAVE_GETLOGIN) && !defined(POSIX_GETLOGIN) + login_name = getlogin(); +#endif ret = krb5_init_context (&context); if (ret) { #if 0 @@ -147,9 +151,11 @@ krb5_verify(struct passwd *login_info, struct passwd *su_info, return 1; } + if (login_name == NULL || strcmp (login_name, "root") == 0) + login_name = login_info->pw_name; if (strcmp (su_info->pw_name, "root") == 0) ret = krb5_make_principal(context, &p, NULL, - login_info->pw_name, + login_name, kerberos_instance, NULL); else @@ -268,7 +274,6 @@ main(int argc, char **argv) int i, optind = 0; char *su_user; struct passwd *su_info; - char *login_user = NULL; struct passwd *login_info; struct passwd *pwd; @@ -309,10 +314,6 @@ main(int argc, char **argv) } su_info = make_info(pwd); -#if defined(HAVE_GETLOGIN) && !defined(POSIX_GETLOGIN) - login_user = getlogin(); -#endif - if(login_user == NULL || (pwd = getpwnam(login_user)) == NULL) pwd = getpwuid(getuid()); if(pwd == NULL) errx(1, "who are you?"); |