aboutsummaryrefslogtreecommitdiff
path: root/loginutils/login.c
diff options
context:
space:
mode:
authorandersen <andersen@69ca8d6d-28ef-0310-b511-8ec308f3f277>2003-07-30 06:56:07 +0000
committerandersen <andersen@69ca8d6d-28ef-0310-b511-8ec308f3f277>2003-07-30 06:56:07 +0000
commit8b98e94671816dba72f3144d50143e3bba4ae3fb (patch)
tree2c03f03a698192213664f0d3998ab9591133c69a /loginutils/login.c
parent77bf0f3b53413d33b749899d143ba49be8c647f1 (diff)
downloadbusybox-w32-8b98e94671816dba72f3144d50143e3bba4ae3fb.tar.gz
busybox-w32-8b98e94671816dba72f3144d50143e3bba4ae3fb.tar.bz2
busybox-w32-8b98e94671816dba72f3144d50143e3bba4ae3fb.zip
Ronny L Nilsson writes:
The login process should always timeout if user don't login sucessfully within reasonable time. Otherwise we're sensetive to a DOS attack by simply doing a bunch of simultaneous telnet connections (deploys all availible TTY's). This patch make login.c terminate the connection after "TIMEOUT" seconds. git-svn-id: svn://busybox.net/trunk/busybox@7135 69ca8d6d-28ef-0310-b511-8ec308f3f277
Diffstat (limited to 'loginutils/login.c')
-rw-r--r--loginutils/login.c7
1 files changed, 2 insertions, 5 deletions
diff --git a/loginutils/login.c b/loginutils/login.c
index 741d15c93..c2bada258 100644
--- a/loginutils/login.c
+++ b/loginutils/login.c
@@ -86,12 +86,9 @@ extern int login_main(int argc, char **argv)
86 username[0]=0; 86 username[0]=0;
87 amroot = ( getuid ( ) == 0 ); 87 amroot = ( getuid ( ) == 0 );
88 signal ( SIGALRM, alarm_handler ); 88 signal ( SIGALRM, alarm_handler );
89 alarm ( TIMEOUT );
90 alarmstarted = 1;
89 91
90 if (( argc > 1 ) && ( TIMEOUT > 0 )) {
91 alarm ( TIMEOUT );
92 alarmstarted = 1;
93 }
94
95 while (( flag = getopt(argc, argv, "f:h:p")) != EOF ) { 92 while (( flag = getopt(argc, argv, "f:h:p")) != EOF ) {
96 switch ( flag ) { 93 switch ( flag ) {
97 case 'p': 94 case 'p':