/etc/securetty is checked, even when root logins across the net.
[unix-history] / usr / src / usr.bin / login / login.c
index 5cc8ce2..2995dac 100644 (file)
@@ -1,4 +1,4 @@
-static char *sccsid = "@(#)login.c     4.15 82/03/27";
+static char *sccsid = "@(#)login.c     4.23 83/05/19";
 /*
  * login [ name ]
  * login -r
 /*
  * login [ name ]
  * login -r
@@ -26,7 +26,7 @@ char  qlog[]  =       ".hushlogin";
 char   securetty[] =   "/etc/securetty";
 char   maildir[30] =   "/usr/spool/mail/";
 char   lastlog[] =     "/usr/adm/lastlog";
 char   securetty[] =   "/etc/securetty";
 char   maildir[30] =   "/usr/spool/mail/";
 char   lastlog[] =     "/usr/adm/lastlog";
-struct passwd nouser = {"", "nope"};
+struct passwd nouser = {"", "nope", -1, -1, -1, "", "", "", "" };
 struct sgttyb ttyb;
 struct utmp utmp;
 char   minusnam[16] = "-";
 struct sgttyb ttyb;
 struct utmp utmp;
 char   minusnam[16] = "-";
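Review bot: The new initializer for `nouser` needs a comment saying why the numeric fields are -1, because the old `{"", "nope"}` left every remaining member zero-filled. If the third and fourth members are the uid and gid (the layout of `struct passwd` is not visible here), the placeholder for an unknown user previously carried id 0. Something like `/* unknown-user placeholder: ids are -1 so it can never be taken for uid 0 */` above the definition would record that. The initializer is positional, so it silently depends on the member order of `struct passwd`.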
@@ -50,29 +50,19 @@ int setpwent();
 char   *ttyname();
 char   *crypt();
 char   *getpass();
 char   *ttyname();
 char   *crypt();
 char   *getpass();
-char   *rindex();
 char   *stypeof();
 extern char **environ;
 
 char   *stypeof();
 extern char **environ;
 
-#define        CTRL(c) ('c'&037)
-#define        CERASE  '#'
-#define        CEOT    CTRL(d)
-#define        CKILL   '@'
-#define        CQUIT   034             /* FS, cntl shift L */
-#define        CINTR   0177            /* DEL */
-#define        CSTOP   CTRL(s)
-#define        CSTART  CTRL(q)
-#define        CBRK    0377
-struct tchars tc = {
-       CINTR, CQUIT, CSTART, CSTOP, CEOT, CBRK
-};
-struct ltchars ltc = {
-       CTRL(z), CTRL(y), CTRL(r), CTRL(o), CTRL(w), CTRL(v)
+struct ttychars tc = {
+       CERASE, CKILL,  CINTR,  CQUIT,  CSTART,
+       CSTOP,  CEOF,   CBRK,   CSUSP,  CDSUSP,
+       CRPRNT, CFLUSH, CWERASE,CLNEXT
 };
 
 int    rflag;
 char   rusername[NMAX+1], lusername[NMAX+1];
 char   rpassword[NMAX+1];
 };
 
 int    rflag;
 char   rusername[NMAX+1], lusername[NMAX+1];
 char   rpassword[NMAX+1];
+char   name[NMAX+1];
 char   *rhost;
 
 main(argc, argv)
 char   *rhost;
 
 main(argc, argv)
@@ -106,47 +96,62 @@ char **argv;
                setpwent();
                pwd = getpwnam(lusername);
                endpwent();
                setpwent();
                pwd = getpwnam(lusername);
                endpwent();
-               if (pwd == NULL) {
-                       if (strcmp(rusername, lusername))
-                               printf("%s: No such user\r\n", lusername);
+               if (pwd == NULL)
                        goto abnormal;
                        goto abnormal;
-               }
-               hostf = fopen("/etc/hosts.equiv", "r");
+               hostf = pwd->pw_uid ? fopen("/etc/hosts.equiv", "r") : 0;
        again:
                if (hostf) {
        again:
                if (hostf) {
-                 char ahost[32];
-                 while (fgets(ahost, sizeof (ahost), hostf)) {
-                       char *user;
-                       if (index(ahost, '\n'))
-                               *index(ahost, '\n') = 0;
-                       user = index(ahost, ' ');
-                       if (user)
-                               *user++ = 0;
-                       if (!strcmp(rhost, ahost) &&
-                           !strcmp(rusername, user ? user : lusername)) {
-                               fclose(hostf);
-                               goto normal;
+                       char ahost[32];
+
+                       while (fgets(ahost, sizeof (ahost), hostf)) {
+                               char *user;
+
+                               if ((user = index(ahost, '\n')) != 0)
+                                       *user++ = '\0';
+                               if ((user = index(ahost, ' ')) != 0)
+                                       *user++ = '\0';
+                               if (!strcmp(rhost, ahost) &&
+                                   !strcmp(rusername, user ?
+                                   user : lusername)) {
+                                       fclose(hostf);
+                                       goto normal;
+                               }
                        }
                        }
-                 }
-                 fclose(hostf);
+                       fclose(hostf);
                }
                if (first == 1) {
                }
                if (first == 1) {
+                       char *rhosts = ".rhosts";
+                       struct stat sbuf;
+
                        first = 0;
                        if (chdir(pwd->pw_dir) < 0)
                                goto again;
                        first = 0;
                        if (chdir(pwd->pw_dir) < 0)
                                goto again;
-                       hostf = fopen(".rhosts", "r");
-                       goto again;
+                       if (lstat(rhosts, &sbuf) < 0)
+                               goto again;
+                       if ((sbuf.st_mode & S_IFMT) == S_IFLNK) {
+                               printf("login: .rhosts is a soft link.\r\n");
+                               goto abnormal;
+                       }
+                       hostf = fopen(rhosts, "r");
+                       fstat(fileno(hostf), &sbuf);
+                       if ((int) sbuf.st_uid != pwd->pw_uid &&
+                           (int) sbuf.st_uid != 0) {
+                               printf("login: Bad .rhosts ownership.\r\n");
+                               fclose(hostf);
+                               goto abnormal;
+                       }
+               goto again;
                }
 abnormal:
                rhost = 0;
                rflag = -1;
        }
 normal:
                }
 abnormal:
                rhost = 0;
                rflag = -1;
        }
 normal:
-       ioctl(0, TIOCLSET, &zero);
+       ioctl(0, TIOCLSET, &zero);      /* XXX */
        ioctl(0, TIOCNXCL, 0);
        ioctl(0, FIONBIO, &zero);
        ioctl(0, FIOASYNC, &zero);
        ioctl(0, TIOCNXCL, 0);
        ioctl(0, FIONBIO, &zero);
        ioctl(0, FIOASYNC, &zero);
-       gtty(0, &ttyb);
+       ioctl(0, TIOCGETP, &ttyb);      /* XXX */
        if (rflag) {
                char *cp = index(term, '/');
                if (cp) {
        if (rflag) {
                char *cp = index(term, '/');
                if (cp) {
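Review bot: The new `if (lstat(rhosts, &sbuf) < 0) goto again;` path jumps back to `again:` while `hostf` still holds the hosts.equiv stream that was already passed to `fclose(hostf)`, so the loop would call `fgets` and `fclose` on a closed stream (the `chdir` failure path just above it has the same shape). A few lines later the result of `fopen(rhosts, "r")` goes straight into `fileno(hostf)` with no null check and the `fstat` result is ignored, so a .rhosts that is unreadable or removed after the `lstat` is dereferenced instead of rejected. I would clear `hostf` after the close and fail closed on both calls, as below. The `lstat` soft-link test and the later `fopen` are separate steps on the same path, so the `fstat` on the open descriptor is the check that describes the file actually being read. All of this sits inside `main`, which starts and ends outside the hunk.

```c
                        fclose(hostf);
                        hostf = 0;      /* never re-read a closed stream at again: */
                }
                if (first == 1) {
                        /* … unchanged: declarations, first = 0, chdir, lstat and soft-link checks … */
                        hostf = fopen(rhosts, "r");
                        if (hostf == 0)
                                goto abnormal;
                        if (fstat(fileno(hostf), &sbuf) < 0) {
                                fclose(hostf);
                                goto abnormal;
                        }
                        /* … unchanged: ownership check against pwd->pw_uid and 0 … */
                        goto again;
```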
@@ -160,11 +165,8 @@ normal:
                }
                ttyb.sg_flags = ECHO|CRMOD|ANYP|XTABS;
        }
                }
                ttyb.sg_flags = ECHO|CRMOD|ANYP|XTABS;
        }
-       ttyb.sg_erase = CERASE;
-       ttyb.sg_kill = CKILL;
-       stty(0, &ttyb);
-       ioctl(0, TIOCSETC, &tc);
-       ioctl(0, TIOCSLTC, &ltc);
+       ioctl(0, TIOCSETP, &ttyb);      /* XXX */
+       ioctl(0, TIOCCSET, &tc);
        for (t=3; t<20; t++)
                close(t);
        ttyn = ttyname(0);
        for (t=3; t<20; t++)
                close(t);
        ttyn = ttyname(0);
@@ -180,7 +182,7 @@ normal:
                        argc = 0;
                }
                if (rflag) {
                        argc = 0;
                }
                if (rflag) {
-                       strcpy(utmp.ut_name, lusername);
+                       SCPYN(utmp.ut_name, lusername);
                        if (rflag == -1)
                                rflag = 0;
                } else
                        if (rflag == -1)
                                rflag = 0;
                } else
@@ -296,8 +298,11 @@ normal:
                close(f);
        }
        chown(ttyn, pwd->pw_uid, pwd->pw_gid);
                close(f);
        }
        chown(ttyn, pwd->pw_uid, pwd->pw_gid);
+       chmod(ttyn, 0622);
        setgid(pwd->pw_gid);
        setgid(pwd->pw_gid);
-       inigrp(utmp.ut_name, pwd->pw_gid);
+       strncpy(name, utmp.ut_name, NMAX);
+       name[NMAX] = '\0';
+       initgroups(name, pwd->pw_gid);
        setuid(pwd->pw_uid);
        environ = envinit;
        strncat(homedir, pwd->pw_dir, sizeof(homedir)-6);
        setuid(pwd->pw_uid);
        environ = envinit;
        strncat(homedir, pwd->pw_dir, sizeof(homedir)-6);
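Review bot: The return values of `setgid`, the new `initgroups` call and `setuid` are all ignored, so if any of them fails the session carries on with whatever privileges login still holds at that point. This is where login gives up root, so I would stop on failure, e.g. `if (setgid(pwd->pw_gid) < 0 || initgroups(name, pwd->pw_gid) < 0 || setuid(pwd->pw_uid) < 0) exit(1);`. The added `chmod(ttyn, 0622)` leaves the terminal writable by group and other; if that is deliberate, a short comment saying so would keep a later reader from tightening or loosening it by accident. These lines are in the middle of `main`, which is not fully visible in the hunk.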
@@ -337,18 +342,16 @@ normal:
 int    stopmotd;
 catch()
 {
 int    stopmotd;
 catch()
 {
+
        signal(SIGINT, SIG_IGN);
        stopmotd++;
 }
 
        signal(SIGINT, SIG_IGN);
        stopmotd++;
 }
 
-/*
- * return true if OK for root to login on this terminal
- */
 rootterm(tty)
 rootterm(tty)
-       char    *tty;
+       char *tty;
 {
        register FILE *fd;
 {
        register FILE *fd;
-       char    buf[100];
+       char buf[100];
 
        if ((fd = fopen(securetty, "r")) == NULL)
                return(1);
 
        if ((fd = fopen(securetty, "r")) == NULL)
                return(1);
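Review bot: The header comment on `rootterm` is deleted here without a replacement, and this function is where the /etc/securetty policy named in the commit title is decided. I would keep it and extend it to cover the first branch: when `fopen(securetty, "r")` fails the function returns 1, which by the removed comment's wording means root is accepted on every terminal. Something like `/* return true if OK for root to login on this terminal; a missing or unreadable securetty allows all terminals */` states that fail-open choice explicitly. The rest of `rootterm` lies outside the hunk, so whether later lines narrow this cannot be seen from here.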