aboutsummaryrefslogtreecommitdiffstats
path: root/crypto/telnet/telnet/telnet.c
diff options
context:
space:
mode:
authorNick Sayer <nsayer@FreeBSD.org>2001-05-30 20:46:48 +0000
committerNick Sayer <nsayer@FreeBSD.org>2001-05-30 20:46:48 +0000
commit9c903a8b764a8b16c4208020b6ae98bff6d35e7e (patch)
tree1b3b7cdf517553b13373efc7288a0de3f9ebc6b6 /crypto/telnet/telnet/telnet.c
parent8ca83579ffc02208f814330dd7be8120b16668e7 (diff)
downloadsrc-9c903a8b764a8b16c4208020b6ae98bff6d35e7e.tar.gz
src-9c903a8b764a8b16c4208020b6ae98bff6d35e7e.zip
MFC: Security fixes to SRA telnet:
1. Add PAM support to SRA. Includes adding telnetd to /etc/pam.conf and -lpam to the secure telnetd/telnet Makefiles. 2. Insist on secure tty before allowing root login. This should be replaced with a suitable PAM module at some point. 3. Make sure not to overflow the xuser/xpass buffers. Since they were malloc()ed (check for malloc failure and abort, too, btw) this was likely not exploitable, but it is best to be safe. Submitted by: kris Review timeout: security-officer
Notes
Notes: svn path=/stable/4/; revision=77499
Diffstat (limited to 'crypto/telnet/telnet/telnet.c')
-rw-r--r--crypto/telnet/telnet/telnet.c1
1 files changed, 1 insertions, 0 deletions
diff --git a/crypto/telnet/telnet/telnet.c b/crypto/telnet/telnet/telnet.c
index 45df4ed00069..68555b716a12 100644
--- a/crypto/telnet/telnet/telnet.c
+++ b/crypto/telnet/telnet/telnet.c
@@ -126,6 +126,7 @@ int
clienteof = 0;
char *prompt = 0;
+char *line; /* hack around breakage in sra.c :-( !! */
cc_t escape;
cc_t rlogin;