Mercurial > illumos > illumos-gate
changeset 3629:f8c20ebfd221
6523815 LARGE vulnerability in telnetd
author | danmcd |
---|---|
date | Sun, 11 Feb 2007 18:33:25 -0800 |
parents | 98d9a6c27bd3 |
children | 294dfe00730c |
files | usr/src/cmd/cmd-inet/usr.sbin/in.telnetd.c |
diffstat | 1 files changed, 9 insertions(+), 10 deletions(-) [+] |
line wrap: on
line diff
--- a/usr/src/cmd/cmd-inet/usr.sbin/in.telnetd.c Fri Feb 09 16:50:26 2007 -0800 +++ b/usr/src/cmd/cmd-inet/usr.sbin/in.telnetd.c Sun Feb 11 18:33:25 2007 -0800 @@ -20,7 +20,7 @@ */ /* - * Copyright 2006 Sun Microsystems, Inc. All rights reserved. + * Copyright 2007 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ @@ -3189,18 +3189,17 @@ * login will have to authenticate further. */ (void) execl(LOGIN_PROGRAM, "login", - "-p", - "-d", slavename, - "-h", host, - "-s", pam_svc_name, - (AuthenticatingUser != NULL ? AuthenticatingUser : - getenv("USER")), - 0); + "-p", + "-d", slavename, + "-h", host, + "-s", pam_svc_name, "--", + (AuthenticatingUser != NULL ? AuthenticatingUser : + getenv("USER")), 0); } else /* default, no auth. info available, login does it all */ { (void) execl(LOGIN_PROGRAM, "login", - "-p", "-h", host, "-d", slavename, - getenv("USER"), 0); + "-p", "-h", host, "-d", slavename, "--", + getenv("USER"), 0); } fatalperror(netfd, LOGIN_PROGRAM, errno);