[Bug 252] Patch for use of /etc/default/login

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Mon Sep 1 16:41:18 EST 2003


http://bugzilla.mindrot.org/show_bug.cgi?id=252





------- Additional Comments From djm at mindrot.org  2003-09-01 16:41 -------
(From update of attachment 367)
Some comments:

I think these warnings:

>+	[ if test ! -z "$external_path_file" ; then
>+	AC_MSG_WARN([Make sure the path to scp is in $external_path_file])

should be added to here:

>@@ -2558,8 +2568,8 @@ echo "                   Askpass program
> echo "                      Manual pages: $F"
> echo "                          PID file: $G"
> echo "  Privilege separation chroot path: $H"
>-if test "$USES_LOGIN_CONF" = "yes" ; then
>-echo "   At runtime, sshd will use the path defined in /etc/login.conf"
>+if test ! -z "$external_path_file"; then
>+echo "   At runtime, sshd will use the path defined in $external_path_file"

so users actually get a chance to read them :)

>+static char *
>+child_get_env(char **envp, const char *name)
>+{
>+	u_int i, namelen;
>+
>+	namelen = strlen(name);
>+	for (i = 0; envp[i]; i++) {

KNF says "envp[i] != NULL"

>+	edf_envsize = 10;
>+	edf_env = xmalloc(edf_envsize * sizeof(char *));

Nit: I think that:
	edf_env = xmalloc(edf_envsize * sizeof(*edf_env));

is a generally safer way of allocating arrays.

>+		/*
>+		 * Paranoia check: set at least a standard path
>+		 * if none is set yet.
>+		 */

Nit: This isn't a paranoia check, most platforms don't use /e/d/l

>+		if (child_get_env(env, "PATH") == NULL) {
>+#ifdef SUPERUSER_PATH
>+			child_set_env(&env, &envsize, "PATH", 
>+			    s->pw->pw_uid == 0 ?
>+				SUPERUSER_PATH : _PATH_STDPATH);
>+#else 
>+			child_set_env(&env, &envsize, "PATH", _PATH_STDPATH);
>+#endif /* SUPERUSER_PATH */
>+		}

Maybe it would be better to hack defines.h to set SUPERUSER_PATH to
_PATH_STDPATH in cases where SUPERUSER_PATH isn't already set. That would allow
us to eliminate this #ifdef block entirely.




------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.




More information about the openssh-bugs mailing list