summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorTheodore Tso <tytso@mit.edu>1997-10-23 18:03:01 +0000
committerTheodore Tso <tytso@mit.edu>1997-10-23 18:03:01 +0000
commit9a1025717ce9948c239492aa03afb8b5f468a458 (patch)
tree2622d1d096a8829588a598168ba7e7e3d046321d /src
parent69552826f0b7a271a8ae4a4286719e4e58169225 (diff)
Prohibit the passing of TERMCAP, TERMPATH, TERMINFO, and HOME, since
they can be used to exploit a security in tgetent. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@10248 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src')
-rw-r--r--src/appl/telnet/telnetd/ChangeLog6
-rw-r--r--src/appl/telnet/telnetd/state.c4
2 files changed, 10 insertions, 0 deletions
diff --git a/src/appl/telnet/telnetd/ChangeLog b/src/appl/telnet/telnetd/ChangeLog
index b8fa48c52..6b7ef9fb2 100644
--- a/src/appl/telnet/telnetd/ChangeLog
+++ b/src/appl/telnet/telnetd/ChangeLog
@@ -1,3 +1,9 @@
+Thu Oct 23 13:59:32 1997 Theodore Y. Ts'o <tytso@mit.edu>
+
+ * state.c (envvarok): Prohibit the passing of TERMCAP, TERMPATH,
+ TERMINFO, and HOME, since they can be used to exploit a
+ security in tgetent.
+
Wed Apr 9 23:46:40 1997 Tom Yu <tlyu@mit.edu>
* sys_term.c (start_login): Bounds check the constructed "speed"
diff --git a/src/appl/telnet/telnetd/state.c b/src/appl/telnet/telnetd/state.c
index 16e71d470..9d5224acc 100644
--- a/src/appl/telnet/telnetd/state.c
+++ b/src/appl/telnet/telnetd/state.c
@@ -1645,6 +1645,10 @@ static int envvarok(varp)
char *varp;
{
if (!strchr(varp, '=') &&
+ strcmp(varp, "TERMCAP") && /* to prevent a security hole */
+ strcmp(varp, "TERMINFO") && /* with tgetent */
+ strcmp(varp, "TERMPATH") &&
+ strcmp(varp, "HOME") && /* to prevent the tegetent bug */
strncmp(varp, "LD_", strlen("LD_")) && /* most systems */
strncmp(varp, "_RLD_", strlen("_RLD_")) && /* irix */
strncmp(varp, "KRB5", strlen("KRB5")) && /* v5 */
generated by cgit (git 2.34.1) at 2026-03-03 10:10:30 +0000