diff -cprN util-linux-2.9w/login-utils/Makefile util-linux/login-utils/Makefile *** util-linux-2.9w/login-utils/Makefile Fri Jul 9 03:56:37 1999 --- util-linux/login-utils/Makefile Thu May 4 11:32:04 2000 *************** last: last.o *** 95,104 **** ifeq "$(HAVE_PAM)" "yes" login: login.o $(LIB)/setproctitle.o ! $(CC) $(LDFLAGS) -o $@ $^ $(CRYPT) $(PAM) else login: login.o $(LIB)/setproctitle.o checktty.o ! $(CC) $(LDFLAGS) -o $@ $^ $(CRYPT) endif mesg: mesg.o $(ERR_O) --- 95,104 ---- ifeq "$(HAVE_PAM)" "yes" login: login.o $(LIB)/setproctitle.o ! $(CC) $(LDFLAGS) -o $@ $^ $(CRYPT) $(PAM) -lvsd else login: login.o $(LIB)/setproctitle.o checktty.o ! $(CC) $(LDFLAGS) -o $@ $^ $(CRYPT) -lvsd endif mesg: mesg.o $(ERR_O) diff -cprN util-linux-2.9w/login-utils/login.c util-linux/login-utils/login.c *** util-linux-2.9w/login-utils/login.c Thu May 4 10:30:14 2000 --- util-linux/login-utils/login.c Thu May 4 11:30:35 2000 *************** *** 147,152 **** --- 147,154 ---- pam_end(pamh,retcode); } #endif + #include + #ifndef __linux__ # include #endif *************** main(int argc, char **argv) *** 588,593 **** --- 590,600 ---- First get the username that we are actually using, though. */ retcode = pam_get_item(pamh, PAM_USER, (const void **) &username); + if (vsd_priv_access (username, "telnet")) { + fprintf (stderr, "login: access denied\n"); + syslog (LOG_ERR, "user %s access denied (no telnet privilege)", username); + exit (99); + } setpwent(); pwd = getpwnam(username); if (pwd) initgroups(username, pwd->pw_gid); diff -cprN util-linux-2.9w/misc-utils/Makefile util-linux/misc-utils/Makefile *** util-linux-2.9w/misc-utils/Makefile Thu May 4 10:30:45 2000 --- util-linux/misc-utils/Makefile Thu May 4 16:42:05 2000 *************** endif *** 51,56 **** --- 51,57 ---- NEEDS_CURSES= setterm NEEDS_OPENPTY= script + NEEDS_VSD= kill all: $(BIN) $(USRBIN) $(USRBIN.NONSHADOW) $(USRGAMES) *************** endif *** 63,68 **** --- 64,72 ---- $(NEEDS_OPENPTY): $(CC) $(LDFLAGS) $^ -o $@ $(LIBPTY) + + $(NEEDS_VSD): + $(CC) $(LDFLAGS) $^ -o $@ -lvsd %: %.sh cp $@.sh $@ diff -cprN util-linux-2.9w/misc-utils/kill.c util-linux/misc-utils/kill.c *** util-linux-2.9w/misc-utils/kill.c Fri Jul 9 03:56:38 1999 --- util-linux/misc-utils/kill.c Thu May 4 16:39:05 2000 *************** *** 48,53 **** --- 48,55 ---- #include #include "nls.h" + #include + #define SIZE(a) (sizeof(a)/sizeof(a[0])) struct signv { *************** int main (int argc, char *argv[]) *** 160,165 **** --- 162,171 ---- bindtextdomain(PACKAGE, LOCALEDIR); textdomain(PACKAGE); + /* Drop privileges if not the admin user. */ + if (vsd_admin_user (getuid ()) != 1) + seteuid (getuid ()); + whoami = mybasename (*argv); numsig = SIGTERM; do_pid = (! strcmp (whoami, "pid")); *************** int kill_verbose (char *procname, int pi *** 351,360 **** printf ("%d\n", pid); return 0; } ! if (kill (pid, sig) < 0) { ! fprintf (stderr, "%s ", whoami); ! perror (procname); ! return 1; } return 0; } --- 357,372 ---- printf ("%d\n", pid); return 0; } ! if (vsd_owner_pid (pid) == 1) { ! if (kill (pid, sig) < 0) { ! fprintf (stderr, "%s ", whoami); ! perror (procname); ! return 1; ! } ! } else { ! fprintf (stderr, "%s ", whoami); ! perror (procname); ! return 1; } return 0; }