Disable per-user .login_conf support due to incorrect merging of local

and globaly settings.  An alternative implementation will be developed.

Reported by:	Przemyslaw Frasunek <venglin@freebsd.lublin.pl>

2 files changed, 5 insertions, 0 deletions

diff --git a/lib/libutil/login.conf.5 b/lib/libutil/login.conf.5
index 37580b6..f270630 100644
--- a/lib/libutil/login.conf.5
+++ b/lib/libutil/login.conf.5
@@ -60,6 +60,8 @@ to set user-defined environment settings which override those specified
 in the system login capabilities database.
 Only a subset of login capabilities may be overridden, typically those
 which do not involve authentication, resource limits and accounting.
+NOTE: this feature is compile-time disabled by default due to potential
+security risks.
 .Pp
 Records in a class capabilities database consist of a number of
 colon-separated fields.
diff --git a/lib/libutil/login_cap.c b/lib/libutil/login_cap.c
index 85883be..bb4c080 100644
--- a/lib/libutil/login_cap.c
+++ b/lib/libutil/login_cap.c
@@ -193,6 +193,9 @@ login_getclassbyname(char const *name, const struct passwd *pwd)
 
 	static char *login_dbarray[] = { NULL, NULL, NULL };
 
+#ifndef _FILE_LOGIN_CONF_WORKS
+	dir = NULL;
+#endif
 	/*
 	 * Switch to user mode before checking/reading its ~/.login_conf
 	 * - some NFSes have root read access disabled.