diff options
author | markm <markm@FreeBSD.org> | 1996-03-11 22:14:52 +0000 |
---|---|---|
committer | markm <markm@FreeBSD.org> | 1996-03-11 22:14:52 +0000 |
commit | f51e87f98c1b1d0cea19ea9c01de1c028bc90008 (patch) | |
tree | 001269d7141d378b439b00dd1e64d978baf2b39f /usr.bin/su | |
parent | d3d6c3d3efb134a94c33edee8db7835f5771220e (diff) | |
download | FreeBSD-src-f51e87f98c1b1d0cea19ea9c01de1c028bc90008.zip FreeBSD-src-f51e87f98c1b1d0cea19ea9c01de1c028bc90008.tar.gz |
Make su a little less fascist about using Kerberos if it is not
configured or available.
Also fix a _nasty_ bug that would let one in if su -K was used.
Any old password would work :-( :-(.
Diffstat (limited to 'usr.bin/su')
-rw-r--r-- | usr.bin/su/su.c | 13 |
1 files changed, 7 insertions, 6 deletions
diff --git a/usr.bin/su/su.c b/usr.bin/su/su.c index ae40f00..555f712 100644 --- a/usr.bin/su/su.c +++ b/usr.bin/su/su.c @@ -42,7 +42,7 @@ static const char copyright[] = static char sccsid[] = "@(#)su.c 8.3 (Berkeley) 4/2/94"; */ static const char rcsid[] = - "$Id$"; + "$Id: su.c,v 1.12 1996/03/09 14:57:43 markm Exp $"; #endif /* not lint */ #include <sys/param.h> @@ -186,9 +186,10 @@ main(argc, argv) if (ruid) { #ifdef KERBEROS if (use_kerberos && koktologin(username, user) - && !pwd->pw_uid) - errx(1, "kerberos: not in %s's ACL.", user); - else + && !pwd->pw_uid) { + warnx("kerberos: not in %s's ACL.", user); + use_kerberos = 0; + } #endif { /* only allow those in group zero to su to root. */ @@ -228,8 +229,8 @@ main(argc, argv) if (strcmp(pwd->pw_passwd, crypt(p, pwd->pw_passwd))) { #endif #ifdef KERBEROS - if (use_kerberos && - kerberos(username, user, pwd->pw_uid, p) + if (!use_kerberos || (use_kerberos && + kerberos(username, user, pwd->pw_uid, p)) ) #endif { |