
asd



Hi,

I've appended a patch to permit private group write access to the
"~/.rhosts" file.  This patch requires that the user is the only
member of the group that has their name.  It also requires the
"privategroup" module argument.

The patch also includes a few fixes for typos in the previous
code. None of these were security bugs, just ones that meant certain
features were not available ;*)

Cheers

Andrew

PS. This is the first time I've tried a MIME attachment - if it fails
I'll post it again.
-- 
new job - new sig file under construction...
--- Linux-PAM-0.59preC/modules/pam_rhosts/pam_rhosts_auth.c	Wed Oct  8 20:08:06 1997
+++ Linux-PAM-0.59/modules/pam_rhosts/pam_rhosts_auth.c	Mon Oct 13 14:17:03 1997
@@ -4,6 +4,7 @@
  * Modifications, Peter Allgeyer 97/3
  * Modifications (netgroups and fixes), Nicolai Langfeldt 97/3/21
  * Security fix: 97/10/2 - gethostbyname called repeatedly without care
+ * Modification (added privategroup option) Andrew <morgan@transmeta.com>
  *----------------------------------------------------------------------
  * Copyright (c) 1983, 1993, 1994
  *	The Regents of the University of California.  All rights reserved.
@@ -78,6 +79,7 @@
 #include <sys/fsuid.h>
 #endif /* __USE_MISC */
 #include <pwd.h>
+#include <grp.h>
 #include <sys/file.h>
 #include <sys/signal.h>
 #include <sys/stat.h>
@@ -101,6 +103,7 @@
     int  opt_silent;
     int  opt_promiscuous;
     int  opt_suppress;
+    int  opt_private_group;
     const char *last_error;
 };
 
@@ -118,37 +121,43 @@
 
 static void set_option (struct _options *opts, const char *arg)
 {
-    if (strcmp (arg, "no_hosts_equiv") == 0) {
+    if (strcmp(arg, "no_hosts_equiv") == 0) {
 	opts->opt_no_hosts_equiv = 1;
 	return;
     }
 
-    if (strcmp (arg, "no_rhosts") == 0) {
+    if (strcmp(arg, "no_rhosts") == 0) {
 	opts->opt_no_rhosts = 1;
 	return;
     }
 
-    if (strcmp (arg, "debug") == 0) {
+    if (strcmp(arg, "debug") == 0) {
 	D(("debugging enabled"));
 	opts->opt_debug = 1;
 	return;
     }
 
-    if (strcmp (arg, "no_warn") == 0) {
+    if (strcmp(arg, "no_warn") == 0) {
 	opts->opt_nowarn = 1;
 	return;
     }
 
-    if (strcmp(arg, "promiscuous")) {
+    if (strcmp(arg, "promiscuous") == 0) {
 	opts->opt_promiscuous = 1;   /* used to permit '+' in ...hosts file */
 	return;
     }
 
-    if (strcmp(arg, "suppress")) {
+    if (strcmp(arg, "suppress") == 0) {
 	opts->opt_suppress = 1; /* used to suppress failure warning message */
 	return;
     }
 
+    if (strcmp(arg, "privategroup") == 0) {
+	opts->opt_private_group = 1; /* used to permit group write on .rhosts
+					file if group has same name as owner */
+	return;
+    }
+
     /*
      * All other options are ignored at the present time.
      */
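Review bot: `opt_private_group` is read by the .rhosts permission check but nothing in this hunk initializes it; set_option only ever sets fields to 1, so the new field relies on `struct _options` being zeroed before parsing, which happens outside this hunk and is worth confirming, since a stale non-zero value would silently enable the relaxed check. The comment on the new option could also state exactly what it relaxes, e.g. `/* permit group write on .rhosts only when the group is named after the owner and lists no other members */`. set_option continues past the end of the hunk.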
@@ -484,14 +493,42 @@
     cp = NULL;
     if (lstat(pbuf, &sbuf) < 0 || !S_ISREG(sbuf.st_mode))
 	cp = ".rhosts not regular file";
-
-    if (fstat(fileno(hostf), &sbuf) < 0)
+    else if (fstat(fileno(hostf), &sbuf) < 0)
 	cp = ".rhosts fstat failed";
     else if (sbuf.st_uid && sbuf.st_uid != pwd->pw_uid)
 	cp = "bad .rhosts owner";
-    else if (sbuf.st_mode & (S_IWGRP|S_IWOTH))
-	cp = ".rhosts writable by other than owner";
-    
+    else if (sbuf.st_mode & S_IWOTH)
+	cp = ".rhosts writable by other!";
+    else if (sbuf.st_mode & S_IWGRP) {
+
+	/* private group caveat */
+	if (opts->opt_private_group) {
+	    struct group *grp = getgrgid(sbuf.st_gid);
+
+	    if (NULL == grp || NULL == grp->gr_name
+		|| strcmp(luser,grp->gr_name)) {
+		cp = ".rhosts writable by public group";
+	    } else if (grp->gr_mem) {
+		int gcount;
+
+		/* require at most one member (luser) of this group */
+		for (gcount=0; grp->gr_mem[gcount]; ++gcount) {
+		    if (strcmp(grp->gr_mem[gcount], luser)) {
+			gcount = -1;
+			break;
+		    }
+		}
+		if (gcount < 0) {
+		    cp = ".rhosts writable by other members of group";
+		}
+	    }
+	} else {
+	    cp = ".rhosts writable by group";
+	}
+
+    } /* It is _NOT_ safe to append an else here...  Do so prior to
+       * S_IWGRP check */
+
     /* If there were any problems, quit. */
     if (cp) {
 	opts->last_error = cp;
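Review bot: The loop over `grp->gr_mem` only sees names explicitly listed for the group, so a user whose passwd entry carries this gid as its primary group is a member without appearing in `gr_mem`, and the "at most one member (luser)" property the comment claims is not fully established by this scan. The group-name test against `luser` keeps the option narrow, but the limitation should be recorded next to that comment, e.g. `/* NOTE: users whose pw_gid is this group are not listed in gr_mem and are not detected here */`. When `grp->gr_mem` is NULL the membership branch is skipped and the file is accepted, which is presumably intended (no explicit members) but worth stating in the same comment. The `if (cp)` block and the enclosing function continue past the end of the hunk.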
