Subject: bin/4636: login fails for non-root exported NFS-home with mode 700
To: None <gnats-bugs@gnats.netbsd.org>
From: Hubert Feyrer <feyrer@jabberwocky.fh-regensburg.de>
List: netbsd-bugs
Date: 12/04/1997 09:41:22
>Number:         4636
>Category:       bin
>Synopsis:       login fails for non-root exported NFS-home with mode 700
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    bin-bug-people (Utility Bug People)
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Thu Dec  4 00:50:00 1997
>Last-Modified:
>Originator:     Hubert Feyrer
>Organization:
Hubert Feyrer <hubert.feyrer@rz.uni-regensburg.de>
>Release:        1.3_ALPHA
>Environment:
	
System: NetBSD jabberwocky 1.2 NetBSD 1.2 (JABBERWOCKY) #0: Sun Sep 7 13:47:41 GMT 1997 feyrer@jabberwocky:/usr/src/sys/arch/i386/compile/JABBERWOCKY i386


>Description:
	If you mount a user-home via NFS, and that NFS volume is
	exported without root access (i.e. no -root=0 in exports file),
	AND the home-dir is mode 700, login fails:

	No home directory /home3/bedienst/test!
	Logging in with home = "/".

	The problem is that the chdir(2) to the home fails, as it
	is done with root privileges, which violate the conditions
	under which the home is NFS-exported.

>How-To-Repeat:
	Export a $HOME with non-root access privileges via NFS, chmod
	700 it, and then try to log in on an NFS client.

>Fix:

chdir(2) to $HOME after giving up special permissions.


Index: login.c
===================================================================
RCS file: /cvsroot/src/usr.bin/login/login.c,v
retrieving revision 1.32
diff -u -r1.32 login.c
--- login.c	1997/11/07 20:32:05	1.32
+++ login.c	1997/12/04 08:29:43
@@ -1,4 +1,4 @@
-/*	$NetBSD: login.c,v 1.32 1997/11/07 20:32:05 mrg Exp $	*/
+/*	$NetBSD: login.c,v 1.31.2.1 1997/11/07 20:34:52 mrg Exp $	*/
 
 /*-
  * Copyright (c) 1980, 1987, 1988, 1991, 1993, 1994
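Review bot: Drop the $NetBSD$ ident change at the top of the file: it moves the id from 1.32 to 1.31.2.1, although the diff is taken against -r1.32, so it looks like keyword expansion from a different checkout rather than part of the fix. The same goes for the __RCSID line in the following hunk; leaving both out keeps the patch down to the chdir move.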
@@ -44,7 +44,7 @@
 #if 0
 static char sccsid[] = "@(#)login.c	8.4 (Berkeley) 4/2/94";
 #endif
-__RCSID("$NetBSD: login.c,v 1.32 1997/11/07 20:32:05 mrg Exp $");
+__RCSID("$NetBSD: login.c,v 1.31.2.1 1997/11/07 20:34:52 mrg Exp $");
 #endif /* not lint */
 
 /*
@@ -388,14 +388,6 @@
 	if (!rootlogin)
 		checknologin();
 
-	if (chdir(pwd->pw_dir) < 0) {
-		(void)printf("No home directory %s!\n", pwd->pw_dir);
-		if (chdir("/"))
-			exit(0);
-		pwd->pw_dir = "/";
-		(void)printf("Logging in with home = \"/\".\n");
-	}
-
 	quietlog = access(_PATH_HUSHLOGIN, F_OK) == 0;
 
 	if (pwd->pw_change || pwd->pw_expire)
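Review bot: With the chdir removed here, the access(_PATH_HUSHLOGIN, F_OK) check on the next line now runs before the process has entered the home directory. If _PATH_HUSHLOGIN is a relative path, quietlog will be computed against whatever directory login was started in; either move that check after the relocated chdir or build the path from pwd->pw_dir.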
@@ -516,6 +508,17 @@
 		(void)setuid(0);
 	else
 		(void)setuid(pwd->pw_uid);
+
+	/* do chdir as non-root so we can change into NFS-mounted homes */
+	/* that are exported for non-root access and have mode 700 */
+	if (chdir(pwd->pw_dir) < 0) {
+		(void)printf("No home directory %s!\n", pwd->pw_dir);
+		if (chdir("/"))
+			exit(0);
+		pwd->pw_dir = "/";
+		(void)printf("Logging in with home = \"/\".\n");
+	}
+
 
 	/* Wait to change password until we're unprivileged */
 	if (need_chpass) {
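Review bot: The relocated chdir only works as intended if the setuid(pwd->pw_uid) just above it took effect, but that return value is discarded with (void). Check the setuid result and bail out on failure before the chdir, so the home directory is never entered with the wrong credentials. Minor: the hunk leaves two consecutive blank lines after the new block, and the two one-line comments would read better as a single block comment.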
>Audit-Trail:
>Unformatted: