Never allow a user to use crontab if opening /var/cron/{allow,deny} fails

for any reason other than ENOENT (think resource limits). Close allow and
deny files before allowed() returns to stop the user's EDITOR being able to
read them.

Obtained from:	OpenBSD (partially)

1 files changed, 23 insertions, 16 deletions

diff --git a/usr.sbin/cron/lib/misc.c b/usr.sbin/cron/lib/misc.c
index 195ff9c..89f15e4 100644
--- a/usr.sbin/cron/lib/misc.c
+++ b/usr.sbin/cron/lib/misc.c
@@ -410,31 +410,38 @@ int
 allowed(username)
 	char *username;
 {
-	static int	init = FALSE;
-	static FILE	*allow, *deny;
+	FILE	*allow, *deny;
+	int	isallowed;
+
+	isallowed = FALSE;
 
-	if (!init) {
-		init = TRUE;
 #if defined(ALLOW_FILE) && defined(DENY_FILE)
-		allow = fopen(ALLOW_FILE, "r");
-		deny = fopen(DENY_FILE, "r");
-		Debug(DMISC, ("allow/deny enabled, %d/%d\n", !!allow, !!deny))
+	if ((allow = fopen(ALLOW_FILE, "r")) == NULL && errno != ENOENT)
+		goto out;
+	if ((deny = fopen(DENY_FILE, "r")) == NULL && errno != ENOENT)
+		goto out;
+	Debug(DMISC, ("allow/deny enabled, %d/%d\n", !!allow, !!deny))
 #else
-		allow = NULL;
-		deny = NULL;
+	allow = NULL;
+	deny = NULL;
 #endif
-	}
 
 	if (allow)
-		return (in_file(username, allow));
-	if (deny)
-		return (!in_file(username, deny));
-
+		isallowed = in_file(username, allow);
+	else if (deny)
+		isallowed = !in_file(username, deny);
+	else {
 #if defined(ALLOW_ONLY_ROOT)
-	return (strcmp(username, ROOT_USER) == 0);
+		isallowed = (strcmp(username, ROOT_USER) == 0);
 #else
-	return TRUE;
+		isallowed = TRUE; 
 #endif
+	}
+out:	if (allow)
+		fclose(allow);
+	if (deny)
+		fclose(deny);
+	return (isallowed);
 }