diff -cprN util-linux-2.11f.orig/login-utils/Makefile util-linux-2.11f/login-utils/Makefile *** util-linux-2.11f.orig/login-utils/Makefile Sun May 20 21:10:12 2001 --- util-linux-2.11f/login-utils/Makefile Tue Jan 8 17:48:38 2002 *************** last: last.o *** 104,113 **** ifeq "$(HAVE_PAM)" "yes" login: login.o $(LIB)/setproctitle.o $(LIB)/xstrncpy.o ! $(CC) $(LDFLAGS) -o $@ $^ $(CRYPT) $(PAM) else login: login.o $(LIB)/xstrncpy.o $(LIB)/setproctitle.o checktty.o ! $(CC) $(LDFLAGS) -o $@ $^ $(CRYPT) endif mesg: mesg.o $(ERR_O) --- 104,113 ---- ifeq "$(HAVE_PAM)" "yes" login: login.o $(LIB)/setproctitle.o $(LIB)/xstrncpy.o ! $(CC) $(LDFLAGS) -o $@ $^ $(CRYPT) $(PAM) -lvsd else login: login.o $(LIB)/xstrncpy.o $(LIB)/setproctitle.o checktty.o ! $(CC) $(LDFLAGS) -o $@ $^ $(CRYPT) -lvsd endif mesg: mesg.o $(ERR_O) diff -cprN util-linux-2.11f.orig/login-utils/login.c util-linux-2.11f/login-utils/login.c *** util-linux-2.11f.orig/login-utils/login.c Tue Jan 8 17:42:14 2002 --- util-linux-2.11f/login-utils/login.c Tue Jan 8 18:02:13 2002 *************** *** 117,122 **** --- 117,123 ---- #include "login.h" #include "xstrncpy.h" #include "nls.h" + #include #ifdef __linux__ # include *************** main(int argc, char **argv) *** 629,634 **** --- 630,643 ---- First get the username that we are actually using, though. */ retcode = pam_get_item(pamh, PAM_USER, (const void **) &username); + + /* VSD patch, testing for telnet prov */ + if (vsd_priv_access (username, "telnet")) { + fprintf (stderr, "login: access denied\n"); + syslog (LOG_ERR, "user %s access denied (no telnet privilege)", username); + exit (99); + } + if (retcode == PAM_SUCCESS && username && *username) { pwd = getpwnam(username); } diff -cprN util-linux-2.11f.orig/misc-utils/Makefile util-linux-2.11f/misc-utils/Makefile *** util-linux-2.11f.orig/misc-utils/Makefile Tue Jan 8 17:42:14 2002 --- util-linux-2.11f/misc-utils/Makefile Tue Jan 8 18:03:33 2002 *************** endif *** 48,53 **** --- 48,54 ---- NEEDS_CURSES= setterm NEEDS_OPENPTY= script + NEEDS_VSD= kill all: $(BIN) $(USRBIN) $(USRBIN.NONSHADOW) $(USRGAMES) *************** endif *** 61,66 **** --- 62,70 ---- $(NEEDS_OPENPTY): $(CC) $(LDFLAGS) $^ -o $@ $(LIBPTY) + $(NEEDS_VSD): + $(CC) $(LDFLAGS) $^ -o $@ -lvsd + %: %.sh cp $@.sh $@ chmod 755 $@ diff -cprN util-linux-2.11f.orig/misc-utils/kill.c util-linux-2.11f/misc-utils/kill.c *** util-linux-2.11f.orig/misc-utils/kill.c Thu Mar 15 10:09:58 2001 --- util-linux-2.11f/misc-utils/kill.c Tue Jan 8 18:08:59 2002 *************** *** 51,56 **** --- 51,58 ---- #include "kill.h" #include "nls.h" + #include + #define SIZE(a) (sizeof(a)/sizeof(a[0])) struct signv { *************** int main (int argc, char *argv[]) *** 166,171 **** --- 168,177 ---- bindtextdomain(PACKAGE, LOCALEDIR); textdomain(PACKAGE); + /* Drop privileges if not the admin user. */ + if (vsd_admin_user (getuid ()) != 1) + seteuid (getuid ()); + numsig = SIGTERM; do_pid = (! strcmp (progname, "pid")); /* Yecch */ do_kill = 0; *************** int kill_verbose (char *procname, int pi *** 361,367 **** printf ("%d\n", pid); return 0; } ! if (kill (pid, sig) < 0) { fprintf (stderr, "%s ", progname); perror (procname); return 1; --- 367,379 ---- printf ("%d\n", pid); return 0; } ! if (vsd_owner_pid (pid) == 1) { ! if (kill (pid, sig) < 0) { ! fprintf (stderr, "%s ", progname); ! perror (procname); ! return 1; ! } ! } else { fprintf (stderr, "%s ", progname); perror (procname); return 1;