version 1.28.2.4, 2002/06/02 22:36:55 |
version 1.28.2.5, 2002/10/11 14:53:06 |
|
|
|
|
/* |
/* |
* Check a given file for security. This is defined as all components |
* Check a given file for security. This is defined as all components |
* of the path to the file must either be owned by either the owner of |
* of the path to the file must be owned by either the owner of |
* of the file or root and no directories must be group or world writable. |
* of the file or root and no directories must be group or world writable. |
* |
* |
* XXX Should any specific check be done for sym links ? |
* XXX Should any specific check be done for sym links ? |
|
|
struct passwd *pw; |
struct passwd *pw; |
|
|
pw = getpwnam(user); |
pw = getpwnam(user); |
if (pw == NULL || !allowed_user(pw)) |
if (pw == NULL) { |
|
log("Illegal user %.100s from %.100s", |
|
user, get_remote_ipaddr()); |
|
return (NULL); |
|
} |
|
if (!allowed_user(pw)) |
return (NULL); |
return (NULL); |
#ifdef HAVE_LOGIN_CAP |
#ifdef HAVE_LOGIN_CAP |
if ((lc = login_getclass(pw->pw_class)) == NULL) { |
if ((lc = login_getclass(pw->pw_class)) == NULL) { |