diff options
| author | Karel Zak | 2007-03-08 22:35:38 +0100 |
|---|---|---|
| committer | Karel Zak | 2007-03-08 22:35:38 +0100 |
| commit | 62eabbf4a9536882fff9dad24f287ea709219f0f (patch) | |
| tree | fe483ec20d640f1c02ec49797be16eb1d0fc9ef8 /login-utils/login.c | |
| parent | login: keep syslog useful for end of PAM session. (diff) | |
| download | kernel-qcow2-util-linux-62eabbf4a9536882fff9dad24f287ea709219f0f.tar.gz kernel-qcow2-util-linux-62eabbf4a9536882fff9dad24f287ea709219f0f.tar.xz kernel-qcow2-util-linux-62eabbf4a9536882fff9dad24f287ea709219f0f.zip | |
login: attempt to run if it has no read/write access to its terminal
If you manage to exec login with a userid other than root, and its
input / output directed to a terminal for which it does not have
read/write access, it will attempt to proceed (and can potentially
hang forever -- but this hang has been fixed in a previous commit).
It's better to check if we have permissions for terminal rather than
do any useless things.
From: Jason Vas Dias <jvdias@redhat.com>
Signed-off-by: Karel Zak <kzak@redhat.com>
Diffstat (limited to 'login-utils/login.c')
| -rw-r--r-- | login-utils/login.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/login-utils/login.c b/login-utils/login.c index 6ad8fcc80..3948cb7d1 100644 --- a/login-utils/login.c +++ b/login-utils/login.c @@ -223,7 +223,8 @@ check_ttyname(char *ttyn) { if (lstat(ttyn, &statbuf) || !S_ISCHR(statbuf.st_mode) - || (statbuf.st_nlink > 1 && strncmp(ttyn, "/dev/", 5))) { + || (statbuf.st_nlink > 1 && strncmp(ttyn, "/dev/", 5)) + || (access(ttyn, R_OK | W_OK) != 0)) { syslog(LOG_ERR, _("FATAL: bad tty")); sleep(1); exit(1); |