diff options
Diffstat (limited to 'crypto/kerberosIV/appl/bsd/login.c')
-rw-r--r-- | crypto/kerberosIV/appl/bsd/login.c | 34 |
1 files changed, 23 insertions, 11 deletions
diff --git a/crypto/kerberosIV/appl/bsd/login.c b/crypto/kerberosIV/appl/bsd/login.c index 0d29ebe..f2f0873 100644 --- a/crypto/kerberosIV/appl/bsd/login.c +++ b/crypto/kerberosIV/appl/bsd/login.c @@ -45,7 +45,7 @@ #include <sys/capability.h> #endif -RCSID("$Id: login.c,v 1.125 1999/11/30 19:24:01 bg Exp $"); +RCSID("$Id: login.c,v 1.125.2.2 2000/06/23 02:33:07 assar Exp $"); #ifdef OTP #include <otp.h> @@ -596,22 +596,28 @@ main(int argc, char **argv) if (pwd->pw_change || pwd->pw_expire) gettimeofday(&tp, (struct timezone *)NULL); - if (pwd->pw_change) + if (pwd->pw_change) { + time_t t; + if (tp.tv_sec >= pwd->pw_change) { printf("Sorry -- your password has expired.\n"); changepass=1; } else if (pwd->pw_change - tp.tv_sec < - 2 * DAYSPERWEEK * SECSPERDAY && !quietlog) + 2 * DAYSPERWEEK * SECSPERDAY && !quietlog) { + t = pwd->pw_change; printf("Warning: your password expires on %s", - ctime(&pwd->pw_change)); + ctime(&t)); + } if (pwd->pw_expire) if (tp.tv_sec >= pwd->pw_expire) { printf("Sorry -- your account has expired.\n"); sleepexit(1); } else if (pwd->pw_expire - tp.tv_sec < - 2 * DAYSPERWEEK * SECSPERDAY && !quietlog) + 2 * DAYSPERWEEK * SECSPERDAY && !quietlog) { + t = pwd->pw_expire; printf("Warning: your account expires on %s", - ctime(&pwd->pw_expire)); + ctime(&t)); + } #endif /* defined(HAVE_PASSWD_CHANGE) && defined(HAVE_PASSWD_EXPIRE) */ /* Nothing else left to fail -- really log in. */ @@ -788,6 +794,11 @@ main(int argc, char **argv) if(!rootlogin) exit(1); } + if (uid != 0 && setuid(0) != -1) { + syslog(LOG_ALERT | LOG_AUTH, + "Failed to drop privileges for user %d", uid); + errx(1, "Sorry"); + } } @@ -953,6 +964,7 @@ dolastlog(int quiet) #if defined(HAVE_LASTLOG_H) || defined(HAVE_LOGIN_H) struct lastlog ll; int fd; + time_t t; if ((fd = open(_PATH_LASTLOG, O_RDWR, 0)) >= 0) { lseek(fd, (off_t)pwd->pw_uid * sizeof(ll), SEEK_SET); @@ -966,8 +978,8 @@ dolastlog(int quiet) sleepexit(1); } if (!quiet) { - printf("Last login: %.*s ", - 24-5, ctime(&ll.ll_time)); + t = ll.ll_time; + printf("Last login: %.*s ", 24-5, ctime(&t)); if (*ll.ll_host != '\0') { printf("from %.*s\n", (int)sizeof(ll.ll_host), @@ -983,8 +995,8 @@ dolastlog(int quiet) if (!quiet) { if (read(fd, &ll, sizeof(ll)) == sizeof(ll) && ll.ll_time != 0) { - printf("Last login: %.*s ", - 24-5, ctime(&ll.ll_time)); + t = ll.ll_time; + printf("Last login: %.*s ", 24-5, ctime(&t)); if (*ll.ll_host != '\0') printf("from %.*s\n", (int)sizeof(ll.ll_host), @@ -998,7 +1010,7 @@ dolastlog(int quiet) } #endif /* SYSV_SHADOW */ memset(&ll, 0, sizeof(ll)); - time(&ll.ll_time); + ll.ll_time = time(NULL); strncpy(ll.ll_line, tty, sizeof(ll.ll_line)); if (hostname) strncpy(ll.ll_host, hostname, sizeof(ll.ll_host)); |