brl-vgr Bug Report
ron at BRL.ARPA
ron at BRL.ARPA
Tue Oct 14 09:03:48 AEST 1986
Subject: FTP daemon doesn't like Bourne shell users
Index: etc/ftpd/ftpd.c 4.3BSD
Description:
The FTP daemon denies access to users who have the default
login shell (/bin/sh).
Repeat-By:
chsh to /bin/sh and then try to FTP to your account.
Fix:
Ftpd attempts to verify the user's shell against those in
/etc/shells to prevent accounts like finger from being FTP
targets. However, getpwent returns a string with a null
in it if the shell field is blank and Ftpd tries to compare
this against /bin/sh and misses.
This fix avoids the check if the user is using the default system
shell. Add the if statement around the getusershell lookup.
if(*pw->pw_shell != 0) {
while ((cp = getusershell()) != NULL)
if (strcmp(cp, pw->pw_shell) == 0)
break;
endusershell();
if (cp == NULL)
return (0);
}
More information about the Comp.unix.wizards
mailing list