diff options
| author | bsd <bsd@FreeBSD.org> | 2000-07-05 17:47:17 +0000 |
|---|---|---|
| committer | bsd <bsd@FreeBSD.org> | 2000-07-05 17:47:17 +0000 |
| commit | 688e243e64e4deb85f25033338617498f4ea23ed (patch) | |
| tree | fb6ed5c0f15a4dcacd9d5ea8fbd20c750e63c343 /libexec | |
| parent | 72c0a8a9d4c7aa7b4c5cfc338c7adce925d57f6a (diff) | |
| download | FreeBSD-src-688e243e64e4deb85f25033338617498f4ea23ed.zip FreeBSD-src-688e243e64e4deb85f25033338617498f4ea23ed.tar.gz | |
Plug the hole where rshd would bypass a proper .rhosts check if the
password was empty.
Reviewed by: Warner Losh <imp@freebsd.org>
Diffstat (limited to 'libexec')
| -rw-r--r-- | libexec/rshd/rshd.c | 5 |
1 files changed, 2 insertions, 3 deletions
diff --git a/libexec/rshd/rshd.c b/libexec/rshd/rshd.c index 666182b..374d137 100644 --- a/libexec/rshd/rshd.c +++ b/libexec/rshd/rshd.c @@ -399,9 +399,8 @@ doit(fromp) if (errorstr || (pwd->pw_expire && time(NULL) >= pwd->pw_expire) || - (pwd->pw_passwd != 0 && *pwd->pw_passwd != '\0' && - iruserok_sa(fromp, fromp->su_len, pwd->pw_uid == 0, - remuser, locuser) < 0)) { + iruserok_sa(fromp, fromp->su_len, pwd->pw_uid == 0, + remuser, locuser) < 0) { if (__rcmd_errstr) syslog(LOG_INFO|LOG_AUTH, "%s@%s as %s: permission denied (%s). cmd='%.80s'", |
