(do_login): work-around for setuid and capabilities bug fixed in Linux
2.2.16 git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@8366 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
@@ -491,7 +491,7 @@ do_login(const struct passwd *pwd, char *tty, char *ttyn)
|
||||
if(rootlogin == 0)
|
||||
exit(1);
|
||||
}
|
||||
if(setuid(pwd->pw_uid)){
|
||||
if(setuid(pwd->pw_uid) || (pwd->pw_uid != 0 && setuid(0) == 0)) {
|
||||
warn("setuid(%u)", (unsigned)pwd->pw_uid);
|
||||
if(rootlogin == 0)
|
||||
exit(1);
|
||||
|
Reference in New Issue
Block a user