diff options
| author |   millert <millert@openbsd.org> | 1996-12-06 18:12:57 +0000 |
|---|---|---|
| committer | millert <millert@openbsd.org> | 1996-12-06 18:12:57 +0000 |
| commit | 9a0a67b250d50d02a0659abf772b1d909e1e4c7f (patch) | |
| tree | 6ff2380b252a2fba199c5961797dad5d3844710d | |
| parent | Change some "test -f" to "test -s" (diff) | |
| download | wireguard-openbsd-9a0a67b250d50d02a0659abf772b1d909e1e4c7f.tar.xz wireguard-openbsd-9a0a67b250d50d02a0659abf772b1d909e1e4c7f.zip | |
check for entry in /etc/skeykeys and ~/.ssh in evil system()
| -rw-r--r-- | etc/security | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/etc/security b/etc/security index 8f257f5f4ff..a4e930ba4eb 100644 --- a/etc/security +++ b/etc/security @@ -1,6 +1,6 @@ #!/bin/sh - # -# $OpenBSD: security,v 1.15 1996/12/06 17:51:49 millert Exp $ +# $OpenBSD: security,v 1.16 1996/12/06 18:12:57 millert Exp $ # from: @(#)security 8.1 (Berkeley) 6/9/93 # @@ -43,7 +43,7 @@ awk -F: '{ printf("Login %s has more than 8 characters.\n", $1); if ($2 == "") printf("Login %s has no password.\n", $1); - if ((length($2) != 13 && ($10 ~ /.*sh$/ || $10 == "")) && system("for i in .rhosts .shosts .klogin ; do test -s "$9"/$i -a ! -O "$9"/$i && exit 1 ; done ; exit 0") != 0) + if ((length($2) != 13 && ($10 ~ /.*sh$/ || $10 == "")) && system("if grep -q \"^"$1" \" /etc/skeykeys || test -d "$9"/.ssh -a ! -O "$9"/.ssh ; then exit 1 ; fi ; for i in .rhosts .shosts .klogin ; do test -s "$9"/$i -a ! -O "$9"/$i && exit 1 ; done ; exit 0") != 0) printf("Login %s is off but still has a valid shell.\n", $1); if ($3 == 0 && $1 != "root") printf("Login %s has a user id of 0.\n", $1); |