Bug#556522: hurd - using the login shell is insecure
Justus Winter, le Wed 12 Jan 2011 00:39:35 +0100, a écrit :
> diff -r a95557dc73eb daemons/getty.c
> --- a/daemons/getty.c Tue Jan 11 00:00:32 2011 +0000
> +++ b/daemons/getty.c Tue Jan 11 23:38:12 2011 +0000
> @@ -129,10 +129,10 @@
>
> if (tt && strcmp (tt->ty_type, "dialup") == 0)
> /* Dialup lines time out (which is login's default). */
> - execl (_PATH_LOGIN, "login", "-e", arg, NULL);
> + execl (_PATH_LOGIN, "login", "--no-passwd", "-aMOTD", "-e", arg, "login", NULL);
> else
> /* Hardwired lines don't. */
> - execl (_PATH_LOGIN, "login", "-e", arg, "-aNOAUTH_TIMEOUT", NULL);
> + execl (_PATH_LOGIN, "login", "--no-passwd", "-aMOTD", "-e", arg, "-aNOAUTH_TIMEOUT", "login", NULL);
>
> syslog (LOG_ERR, "%s: %m", _PATH_LOGIN);
Mmm, why these?
Samuel
Reply to: