Don't crash if .k[5]login file ownership is wrong. Patch from Emily Ratliff, ratliff...

author Ken Raeburn <raeburn@mit.edu>

Fri, 19 Oct 2001 02:09:54 +0000 (02:09 +0000)

committer Ken Raeburn <raeburn@mit.edu>

Fri, 19 Oct 2001 02:09:54 +0000 (02:09 +0000)
author Ken Raeburn <raeburn@mit.edu>
Fri, 19 Oct 2001 02:09:54 +0000 (02:09 +0000)
committer Ken Raeburn <raeburn@mit.edu>
Fri, 19 Oct 2001 02:09:54 +0000 (02:09 +0000)
diff --git a/src/clients/ksu/ChangeLog b/src/clients/ksu/ChangeLog

index 33ee0fa9ad0a7ad74a0f146ffc189a83d3da741d..1ef25fcdc9c1c07729dc92915a0e4d322a319f0a 100644 (file)
--- a/src/clients/ksu/ChangeLog
+++ b/src/clients/ksu/ChangeLog
@@ -1,3 +1,10 @@
+2001-10-18  Ken Raeburn  <raeburn@mit.edu>
+
+       Don't crash if .k[5]login file ownership is wrong.  Patch from
+       Emily Ratliff, ratliff@austin.ibm.com.
+       * authorization.c (fowner): Don't close the file even on error.
+       (krb5_authorization): Close the file if fowner returns FALSE.
+
  2001-10-09  Ken Raeburn  <raeburn@mit.edu>
  
         * authorization.c, heuristic.c, krb_auth_su.c, ksu.h, main.c: Make
diff --git a/src/clients/ksu/authorization.c b/src/clients/ksu/authorization.c

index f932368ea9c822f18ae4520486a5baa3fc046428..8f6da689fa408115d68253119e8f806598711f9c 100644 (file)
--- a/src/clients/ksu/authorization.c
+++ b/src/clients/ksu/authorization.c
@@ -40,12 +40,10 @@ krb5_boolean fowner(fp, uid)
       * the user himself, or by root.  Otherwise, don't grant access.
       */
      if (fstat(fileno(fp), &sbuf)) {
-       fclose(fp);
         return(FALSE);
      }
  
      if ((sbuf.st_uid != uid) && sbuf.st_uid) {
-       fclose(fp);
         return(FALSE);
      }
  
@@ -103,8 +101,10 @@ krb5_error_code krb5_authorization(context, principal, luser,
      if (!k5login_flag){
         if ((login_fp = fopen(k5login_path, "r")) == NULL)
             return 0;
-       if ( fowner(login_fp, pwd->pw_uid) == FALSE)
+       if ( fowner(login_fp, pwd->pw_uid) == FALSE) {
+           fclose(login_fp);
             return 0;
+       }
      }
  
      if (!k5users_flag){
@@ -112,6 +112,7 @@ krb5_error_code krb5_authorization(context, principal, luser,
             return 0;
         }
         if ( fowner(users_fp, pwd->pw_uid) == FALSE){
+           fclose(users_fp);
             return 0;
         }
      }
author	Ken Raeburn <raeburn@mit.edu>
	Fri, 19 Oct 2001 02:09:54 +0000 (02:09 +0000)
committer	Ken Raeburn <raeburn@mit.edu>
	Fri, 19 Oct 2001 02:09:54 +0000 (02:09 +0000)
src/clients/ksu/ChangeLog		patch \| blob \| history
src/clients/ksu/authorization.c		patch \| blob \| history