oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Fix kuserok.c:check_owner_file(), make tests/kdc/check-authz run

Browse Source
This commit is contained in:
Nicolas Williams
2011-12-14 18:01:35 -06:00
parent fb26e41d06
commit 4630ef1bdc
1 changed files with 3 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
lib/krb5/kuserok.c
View File

@@ -216,7 +216,8 @@ check_owner_file(krb5_context context,
char pwbuf[2048]; char pwbuf[2048];
struct stat st; struct stat st;
heim_assert(owner != NULL, "no file owner ?"); if (owner == NULL)
return 0;
if (rk_getpwnam_r(owner, &pw, pwbuf, sizeof(pwbuf), &pwd) != 0) { if (rk_getpwnam_r(owner, &pw, pwbuf, sizeof(pwbuf), &pwd) != 0) {
krb5_set_error_message(context, errno, krb5_set_error_message(context, errno,
@@ -244,7 +245,7 @@ check_owner_file(krb5_context context,
"permissions", filename); "permissions", filename);
return EACCES; return EACCES;
} }
if (pwd->pw_uid != st.st_uid || st.st_uid != 0) { if (pwd->pw_uid != st.st_uid && st.st_uid != 0) {
krb5_set_error_message(context, EACCES, krb5_set_error_message(context, EACCES,
"k5login %s not owned by the user or root", "k5login %s not owned by the user or root",
filename); filename);