From 688e243e64e4deb85f25033338617498f4ea23ed Mon Sep 17 00:00:00 2001
From: bsd <bsd@FreeBSD.org>
Date: Wed, 5 Jul 2000 17:47:17 +0000
Subject: Plug the hole where rshd would bypass a proper .rhosts check if the
 password was empty.

Reviewed by:	Warner Losh <imp@freebsd.org>
---
 libexec/rshd/rshd.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

(limited to 'libexec')

diff --git a/libexec/rshd/rshd.c b/libexec/rshd/rshd.c
index 666182b..374d137 100644
--- a/libexec/rshd/rshd.c
+++ b/libexec/rshd/rshd.c
@@ -399,9 +399,8 @@ doit(fromp)
 
 		if (errorstr ||
 		    (pwd->pw_expire && time(NULL) >= pwd->pw_expire) ||
-		    (pwd->pw_passwd != 0 && *pwd->pw_passwd != '\0' &&
-		     iruserok_sa(fromp, fromp->su_len, pwd->pw_uid == 0,
-				 remuser, locuser) < 0)) {
+		    iruserok_sa(fromp, fromp->su_len, pwd->pw_uid == 0,
+				 remuser, locuser) < 0) {
 			if (__rcmd_errstr)
 				syslog(LOG_INFO|LOG_AUTH,
 			    "%s@%s as %s: permission denied (%s). cmd='%.80s'",
-- 
cgit v1.1