diff options
author | Eric Andersen | 2003-07-30 06:56:07 +0000 |
---|---|---|
committer | Eric Andersen | 2003-07-30 06:56:07 +0000 |
commit | d8ceba959a9e8c6a62b20080bb745776e1644fb8 (patch) | |
tree | 2c03f03a698192213664f0d3998ab9591133c69a | |
parent | eef2317b9f5bdd362a7b8a0169c688245374f0f5 (diff) | |
download | busybox-d8ceba959a9e8c6a62b20080bb745776e1644fb8.zip busybox-d8ceba959a9e8c6a62b20080bb745776e1644fb8.tar.gz |
Ronny L Nilsson writes:
The login process should always timeout if user don't login sucessfully within
reasonable time. Otherwise we're sensetive to a DOS attack by simply doing a
bunch of simultaneous telnet connections (deploys all availible TTY's).
This patch make login.c terminate the connection after "TIMEOUT" seconds.
-rw-r--r-- | loginutils/login.c | 7 |
1 files changed, 2 insertions, 5 deletions
diff --git a/loginutils/login.c b/loginutils/login.c index 741d15c..c2bada2 100644 --- a/loginutils/login.c +++ b/loginutils/login.c @@ -86,12 +86,9 @@ extern int login_main(int argc, char **argv) username[0]=0; amroot = ( getuid ( ) == 0 ); signal ( SIGALRM, alarm_handler ); + alarm ( TIMEOUT ); + alarmstarted = 1; - if (( argc > 1 ) && ( TIMEOUT > 0 )) { - alarm ( TIMEOUT ); - alarmstarted = 1; - } - while (( flag = getopt(argc, argv, "f:h:p")) != EOF ) { switch ( flag ) { case 'p': |