diff options
author | Robert Watson <rwatson@FreeBSD.org> | 2001-09-16 16:48:40 +0000 |
---|---|---|
committer | Robert Watson <rwatson@FreeBSD.org> | 2001-09-16 16:48:40 +0000 |
commit | 35105a5f9146d26720c3e84f71de2cdb0dd6c74c (patch) | |
tree | b8373300811c817dd1220bbe7e597e0ca76c777c /lib | |
parent | 9849949cae0603df0485a0be8a3f80fb8f68f304 (diff) | |
download | src-35105a5f9146d26720c3e84f71de2cdb0dd6c74c.tar.gz src-35105a5f9146d26720c3e84f71de2cdb0dd6c74c.zip |
Disable per-user .login_conf support due to incorrect merging of local
and globaly settings. An alternative implementation will be developed.
Reported by: Przemyslaw Frasunek <venglin@freebsd.lublin.pl>
Notes
Notes:
svn path=/head/; revision=83550
Diffstat (limited to 'lib')
-rw-r--r-- | lib/libutil/login.conf.5 | 2 | ||||
-rw-r--r-- | lib/libutil/login_cap.c | 3 |
2 files changed, 5 insertions, 0 deletions
diff --git a/lib/libutil/login.conf.5 b/lib/libutil/login.conf.5 index 37580b6f5700..f27063076bad 100644 --- a/lib/libutil/login.conf.5 +++ b/lib/libutil/login.conf.5 @@ -60,6 +60,8 @@ to set user-defined environment settings which override those specified in the system login capabilities database. Only a subset of login capabilities may be overridden, typically those which do not involve authentication, resource limits and accounting. +NOTE: this feature is compile-time disabled by default due to potential +security risks. .Pp Records in a class capabilities database consist of a number of colon-separated fields. diff --git a/lib/libutil/login_cap.c b/lib/libutil/login_cap.c index 85883be82873..bb4c080ed39f 100644 --- a/lib/libutil/login_cap.c +++ b/lib/libutil/login_cap.c @@ -193,6 +193,9 @@ login_getclassbyname(char const *name, const struct passwd *pwd) static char *login_dbarray[] = { NULL, NULL, NULL }; +#ifndef _FILE_LOGIN_CONF_WORKS + dir = NULL; +#endif /* * Switch to user mode before checking/reading its ~/.login_conf * - some NFSes have root read access disabled. |