[3198] in Kerberos-V5-bugs
krb5-appl/943: login bug + fix
daemon@ATHENA.MIT.EDU (Todd Kover)
Tue Apr 17 18:49:44 2001
Resent-From: gnats@rt-11.mit.edu (GNATS Management)
Resent-To: krb5-unassigned@rt-11.mit.edu
Resent-Reply-To: krb5-bugs@MIT.EDU, Todd Kover <kovert@omniscient.com>
Message-Id: <200104172248.f3HMmaD1208004@surly.omniscient.com>
Date: Tue, 17 Apr 2001 18:48:35 -0400
From: Todd Kover <kovert@omniscient.com>
To: krb5-bugs@mit.edu
>Number: 943
>Category: krb5-appl
>Synopsis: login fails to chdir on nfs mounted files systems w/ ~ mode 700
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: krb5-unassigned
>State: open
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Tue Apr 17 18:49:00 EDT 2001
>Last-Modified:
>Originator: Todd Kover
>Organization:
Little
>Release: krb5-1.2.2
>Environment:
solaris on sparc, various vresions
>Description:
If a site uses nfs mounted home directories, where root is mapped to
nobody and a user attempts to rlogin into one of those machines with
a home directory of mode 700, it will fail to chdir() to the directory
on login.
>How-To-Repeat:
should be pretty obvious. :-)
>Fix:
besides changing the mode on a home directory, moving the chdir to
after the setuid() fixes this, ala:
--- ../orig/krb5-1.2.2/src/appl/bsd/login.c Wed Feb 28 17:06:43 2001
+++ src/appl/bsd/login.c Tue Apr 17 16:39:44 2001
@@ -1416,14 +1416,6 @@
}
#endif
- if (chdir(pwd->pw_dir) < 0) {
- printf("No directory %s!\n", pwd->pw_dir);
- if (chdir("/"))
- exit(0);
- pwd->pw_dir = "/";
- printf("Logging in with home = \"/\".\n");
- }
-
/* nothing else left to fail -- really log in */
{
struct utmp utmp;
@@ -1629,6 +1621,14 @@
if (setuid((uid_t) pwd->pw_uid) < 0) {
perror("setuid");
sleepexit(1);
+ }
+
+ if (chdir(pwd->pw_dir) < 0) {
+ printf("No directory %s!\n", pwd->pw_dir);
+ if (chdir("/"))
+ exit(0);
+ pwd->pw_dir = "/";
+ printf("Logging in with home = \"/\".\n");
}
/*
>Audit-Trail:
>Unformatted:
