ALP-pool/pam
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Sync from SUSE:ALP:Source:Standard:1.0 pam revision 42421bf1e4ac29f3a085bc8cfcf0667c

Browse Source
This commit is contained in:
Adrian Schröter 2024-11-15 10:47:44 +01:00
parent bfd3e49328
commit 8f93461bac
3 changed files with 45 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
pam-bsc1194818-cursor-escape.patch Normal file
View File

@ -0,0 +1,36 @@
From 8ae228fa76ff9ef1d8d6b2199582d9206f1830c6 Mon Sep 17 00:00:00 2001
From: Stanislav Brabec <sbrabec@suse.cz>
Date: Mon, 22 Jul 2024 23:18:16 +0200
Subject: [PATCH] libpam_misc: Use ECHOCTL in the terminal input
Use the canonical terminal mode (line mode) and set ECHOCTL to prevent
cursor escape from the login prompt using arrows or escape sequences.
ICANON is the default in most cases anyway. ECHOCTL is default on tty, but
for example not on pty, allowing cursor to escape.
Stanislav Brabec <sbrabec@suse.com>
---
libpam_misc/misc_conv.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/libpam_misc/misc_conv.c b/libpam_misc/misc_conv.c
index 7410e929..6b839b48 100644
--- a/libpam_misc/misc_conv.c
+++ b/libpam_misc/misc_conv.c
@@ -145,9 +145,10 @@ static int read_string(int echo, const char *prompt, char **retstr)
return -1;
}
memcpy(&term_tmp, &term_before, sizeof(term_tmp));
- if (!echo) {
+ if (echo)
+ term_tmp.c_lflag |= ICANON | ECHOCTL;
+ else
term_tmp.c_lflag &= ~(ECHO);
- }
have_term = 1;
/*
--
2.45.2

6
pam.changes
View File

@ -1,3 +1,9 @@
-------------------------------------------------------------------
Wed Aug 7 14:44:56 UTC 2024 - Stanislav Brabec <sbrabec@suse.com>
- Prevent cursor escape from the login prompt [bsc#1194818]
* Added: pam-bsc1194818-cursor-escape.patch
-------------------------------------------------------------------
Wed Feb 7 13:11:15 UTC 2024 - Thorsten Kukuk <kukuk@suse.com>

3
pam.spec
View File

@ -104,6 +104,8 @@ Patch3: pam_env-fix-enable-vendordir-fallback.patch
Patch4: pam_env-remove-escaped-newlines.patch
# https://github.com/linux-pam/linux-pam/pull/744
Patch5: pam_unix-fix-password-aging-disabled.patch
# https://github.com/linux-pam/linux-pam/pull/816
Patch6: pam-bsc1194818-cursor-escape.patch
BuildRequires: audit-devel
BuildRequires: bison
BuildRequires: flex
@ -220,6 +222,7 @@ cp -a %{SOURCE12} .
%patch3 -p1
%patch4 -p1
%patch5 -p1
%patch6 -p1
%build
bash ./pam-login_defs-check.sh