diff options
author | markm <markm@FreeBSD.org> | 1997-02-09 15:02:00 +0000 |
---|---|---|
committer | markm <markm@FreeBSD.org> | 1997-02-09 15:02:00 +0000 |
commit | f8e325b1925ba81eb389159fbaa1cf6e92c3abf6 (patch) | |
tree | d270f2199b07758d500af093ee007cc14aa01c3e /eBones/libexec/telnetd/sys_term.c | |
parent | 6b544b7e1ac3bfe086f0ac248e2849e539363379 (diff) | |
download | FreeBSD-src-f8e325b1925ba81eb389159fbaa1cf6e92c3abf6.zip FreeBSD-src-f8e325b1925ba81eb389159fbaa1cf6e92c3abf6.tar.gz |
Various buffer overrun fixes and other security enhancements.
Obtained from: PST's fixes to the non-secure telnet{d}
Diffstat (limited to 'eBones/libexec/telnetd/sys_term.c')
-rw-r--r-- | eBones/libexec/telnetd/sys_term.c | 10 |
1 files changed, 4 insertions, 6 deletions
diff --git a/eBones/libexec/telnetd/sys_term.c b/eBones/libexec/telnetd/sys_term.c index 5ebd2ad..f9b1617 100644 --- a/eBones/libexec/telnetd/sys_term.c +++ b/eBones/libexec/telnetd/sys_term.c @@ -1667,6 +1667,7 @@ start_login(host, autologin, name) if (auth_level >= 0 && autologin == AUTH_VALID) { # if !defined(NO_LOGIN_F) argv = addarg(argv, "-f"); + argv = addarg(argv, "--"); argv = addarg(argv, name); # else # if defined(LOGIN_R) @@ -1739,17 +1740,14 @@ start_login(host, autologin, name) pty = xpty; } # else + argv = addarg(argv, "--"); argv = addarg(argv, name); # endif # endif } else #endif - if ((user = getenv("USER"))) { - if (strchr(user, '-')) { - syslog(LOG_ERR, "tried to pass user \"%s\" to login", - user); - fatal(net, "invalid user"); - } + if (getenv("USER")) { + argv = addarg(argv, "--"); argv = addarg(argv, getenv("USER")); #if defined(LOGIN_ARGS) && defined(NO_LOGIN_P) { |