[Pkg-shadow-commits] r2708 - in upstream/trunk: . src
Nicolas FRANÇOIS
nekral-guest at alioth.debian.org
Sun Apr 19 13:33:25 UTC 2009
Author: nekral-guest
Date: 2009-04-19 13:33:24 +0000 (Sun, 19 Apr 2009)
New Revision: 2708
Modified:
upstream/trunk/ChangeLog
upstream/trunk/src/login.c
Log:
* src/login.c: Added comment to make sure PAM_RHOST or PAM_TTY do
not get set to unsanitized values.
Modified: upstream/trunk/ChangeLog
===================================================================
--- upstream/trunk/ChangeLog 2009-04-17 21:25:30 UTC (rev 2707)
+++ upstream/trunk/ChangeLog 2009-04-19 13:33:24 UTC (rev 2708)
@@ -1,3 +1,8 @@
+2009-04-19 Nicolas François <nicolas.francois at centraliens.net>
+
+ * src/login.c: Added comment to make sure PAM_RHOST or PAM_TTY do
+ not get set to unsanitized values.
+
2009-04-17 Paul Szabo <psz at maths.usyd.edu.au>
* NEWS, src/login.c: Do not trust the current utmp entry's ut_line
Modified: upstream/trunk/src/login.c
===================================================================
--- upstream/trunk/src/login.c 2009-04-17 21:25:30 UTC (rev 2707)
+++ upstream/trunk/src/login.c 2009-04-19 13:33:24 UTC (rev 2708)
@@ -657,6 +657,9 @@
* hostname & tty are either set to NULL or their correct values,
* depending on how much we know. We also set PAM's fail delay to
* ours.
+ *
+ * PAM_RHOST and PAM_TTY are used for authentication, only use
+ * information coming from login or from the caller (e.g. no utmp)
*/
retcode = pam_set_item (pamh, PAM_RHOST, hostname);
PAM_FAIL_CHECK;
More information about the Pkg-shadow-commits
mailing list