[Bug 899] sshd displays illegal usernames through setproctitle()

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Wed Jul 21 07:22:14 EST 2004


http://bugzilla.mindrot.org/show_bug.cgi?id=899

           Summary: sshd displays illegal usernames through setproctitle()
           Product: Portable OpenSSH
           Version: 3.8.1p1
          Platform: All
        OS/Version: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: sshd
        AssignedTo: openssh-bugs at mindrot.org
        ReportedBy: peak at argo.troja.mff.cuni.cz


authctxt->pw ? user : "unknown" is pointless because illegal users get pw from
fakepw(), the code should check authctxt->valid
moreover, a check of this kind is completely missing in auth-pam.c



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.




More information about the openssh-bugs mailing list