[7689] in Athena Bugs
xlogin (all versions) 7.2R (and current sources)
daemon@ATHENA.MIT.EDU (Mark W. Eichin)
Tue Jun 25 22:20:37 1991
Date: Tue, 25 Jun 91 22:20:26 EDT
From: "Mark W. Eichin" <eichin@MIT.EDU>
To: bugs@ATHENA.MIT.EDU
In etc.athena/xdm/xlogin/verify.c, version 1.15, the following logic
is found:
User types invalid user name, no password.
verify.c: check local account. (FAILS)
hes_getpwnam(user) (FAILS)
clear password
cleanup(NULL)
return (and try again.)
Note that "cleanup", on line 391, begins by calling dest_tkt(). This
routine is in the kerberos library; it refers to TKT_FILE, which calls
tkt_string, which synthesizes a ticket file name out of getuid() (did
you see a setuid call in the above logic? Nope...) so
krb_ticket_string gets set to "/tmp/tkt0", which tkt_string returns
the next time around and uses.
A fix would be to simply make sure that krb_set_tkt_string()
is called around line 126 of verify.c, where the setenv("KRBTKFILE")
occurs, so that the kerberos library is informed of the new value.
_Mark_ <eichin@athena.mit.edu>
MIT Student Information Processing Board
Watchmaker Computing <eichin@watch.com>
