Fix security botch in "UseLogin Yes" case: commands are executed with

uid 0. Obtained from: OpenBSD
author: kris <kris@FreeBSD.org> 2000-06-10 22:32:57 +0000
committer: kris <kris@FreeBSD.org> 2000-06-10 22:32:57 +0000
commit: ad6da2a572d407fcefb6e59135d685555e001b20 (patch)
tree: 9aa2b06a046d420e510d2f4c8baac2f0ebc79059 /crypto
parent: 514604f6297fde70cf9b7877c5995c8160434365 (diff)
download: FreeBSD-src-ad6da2a572d407fcefb6e59135d685555e001b20.zip
FreeBSD-src-ad6da2a572d407fcefb6e59135d685555e001b20.tar.gz
1 files changed, 4 insertions, 0 deletions
diff --git a/crypto/openssh/session.c b/crypto/openssh/session.c
index f4c615d..80fb49c 100644
--- a/crypto/openssh/session.c
+++ b/crypto/openssh/session.c
@@ -858,6 +858,10 @@ do_child(const char *command, struct passwd * pw, const char *term,
 	struct stat st;
 	char *argv[10];
 
+	/* login(1) is only called if we execute the login shell */
+	if (options.use_login && command != NULL)
+		options.use_login = 0;
+
 #ifdef LOGIN_CAP
 	login_cap_t *lc;
author	kris <kris@FreeBSD.org>	2000-06-10 22:32:57 +0000
committer	kris <kris@FreeBSD.org>	2000-06-10 22:32:57 +0000
commit	ad6da2a572d407fcefb6e59135d685555e001b20 (patch)
tree	9aa2b06a046d420e510d2f4c8baac2f0ebc79059 /crypto
parent	514604f6297fde70cf9b7877c5995c8160434365 (diff)
download	FreeBSD-src-ad6da2a572d407fcefb6e59135d685555e001b20.zip FreeBSD-src-ad6da2a572d407fcefb6e59135d685555e001b20.tar.gz