From bdb3da8589d6908c9c54f0014979d6dd7fef419a Mon Sep 17 00:00:00 2001 From: Alexandra Ellwood Date: Wed, 7 May 2003 21:08:17 +0000 Subject: [PATCH] * init_os_ctx.c: Added support for KLL's __KLAllowHomeDirectoryAccess() function so that krb4, krb5 and gssapi will not access the user's homedir if the application forbids it git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15398 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/krb5/os/ChangeLog | 5 +++++ src/lib/krb5/os/init_os_ctx.c | 8 +++++++- 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/src/lib/krb5/os/ChangeLog b/src/lib/krb5/os/ChangeLog index a17633ad7..be62ff39e 100644 --- a/src/lib/krb5/os/ChangeLog +++ b/src/lib/krb5/os/ChangeLog @@ -1,3 +1,8 @@ +2003-05-06 Alexandra Ellwood + * init_os_ctx.c: Added support for KLL's __KLAllowHomeDirectoryAccess() + function so that krb4, krb5 and gssapi will not access the user's homedir + if the application forbids it. + 2003-04-28 Sam Hartman * changepw.c (krb5_change_set_password): Locate server in realm of diff --git a/src/lib/krb5/os/init_os_ctx.c b/src/lib/krb5/os/init_os_ctx.c index 7f2c2d593..8a09f0151 100644 --- a/src/lib/krb5/os/init_os_ctx.c +++ b/src/lib/krb5/os/init_os_ctx.c @@ -234,8 +234,14 @@ os_get_default_config_files(profile_filespec_t **pfiles, krb5_boolean secure) unsigned int ent_len; const char *s, *t; +#ifdef USE_LOGIN_LIBRARY + /* If __KLAllowHomeDirectoryAccess() == FALSE, we are probably + trying to authenticate to a fileserver for the user's homedir. */ + if (secure || !__KLAllowHomeDirectoryAccess ()) { +#else if (secure) { - filepath = DEFAULT_SECURE_PROFILE_PATH; +#endif + filepath = DEFAULT_SECURE_PROFILE_PATH; } else { filepath = getenv("KRB5_CONFIG"); if (!filepath) filepath = DEFAULT_PROFILE_PATH; -- 2.26.2