From d88ab4bed7f2b51e29ecc41459ace7ae56b707a3 Mon Sep 17 00:00:00 2001
From: pst <pst@FreeBSD.org>
Date: Wed, 24 Apr 1996 20:18:25 +0000
Subject: Close a security hole in sliplogin. If you use sliplogin as a user
 shell (in /etc/passwd) upgrade to this version. Reviewed by:	bde, peter
 Submitted by:	AUS CERT Obtained from:	Linux sliplogin-2.02

---
 usr.sbin/sliplogin/sliplogin.c | 9 +++++++++
 1 file changed, 9 insertions(+)

(limited to 'usr.sbin/sliplogin')

diff --git a/usr.sbin/sliplogin/sliplogin.c b/usr.sbin/sliplogin/sliplogin.c
index 220ffa8..26b75cf 100644
--- a/usr.sbin/sliplogin/sliplogin.c
+++ b/usr.sbin/sliplogin/sliplogin.c
@@ -88,6 +88,13 @@ static char sccsid[] = "@(#)sliplogin.c	8.2 (Berkeley) 2/1/94";
 #include <signal.h>
 #include "pathnames.h"
 
+extern char **environ;
+
+static char *restricted_environ[] = {
+	"PATH=" _PATH_STDPATH,
+	NULL
+};
+
 int	unit;
 int	slip_mode;
 speed_t speed;
@@ -124,6 +131,8 @@ findid(name)
 	char buf[128];
 	int i, j, n;
 
+	environ = restricted_environ; /* minimal protection for system() */
+
 	(void)strcpy(loginname, name);
 	if ((fp = fopen(_PATH_ACCESS, "r")) == NULL) {
 	accfile_err:
-- 
cgit v1.1