login: add big fat comment about SIGINT - prevent

adding/deleting that code again and again
author: Denis Vlasenko <vda.linux@googlemail.com> 2006-10-31 18:30:56 +0000
committer: Denis Vlasenko <vda.linux@googlemail.com> 2006-10-31 18:30:56 +0000
commit: 8c76487f06023f33ea0d92f686b29b958748d3f8 (patch)
tree: e6d873782b45a11ee4d948afc551e5878ed297a9 /loginutils
parent: 6ae8079e2d66dd1328a32fba09e9ba6a6a79f0f9 (diff)
download: busybox-8c76487f06023f33ea0d92f686b29b958748d3f8.tar.gz
1 files changed, 8 insertions, 1 deletions
diff --git a/loginutils/login.c b/loginutils/login.c
index 04283007b..2ad52c63e 100644
--- a/loginutils/login.c
+++ b/loginutils/login.c
@@ -386,7 +386,14 @@ auth_failed:
 	// /* TIOCSCTTY: steal tty from other process group */
 	// if (ioctl(0, TIOCSCTTY, 1)) error_msg...
 
-	signal(SIGALRM, SIG_DFL); /* set signals to defaults */
+	/* set signals to defaults */
+	signal(SIGALRM, SIG_DFL);
+	/* Is this correct? This way user can ctrl-c out of /etc/profile,
+	 * potentially creating security breach (tested with bash 3.0).
+	 * But without this, bash 3.0 will not enable ctrl-c either.
+	 * Maybe bash is buggy?
+	 * Need to find out what standards say about /bin/login -
+	 * should it leave SIGINT etc enabled or disabled? */
 	signal(SIGINT, SIG_DFL);
 
 	run_shell(tmp, 1, 0, 0);	/* exec the shell finally */
author	Denis Vlasenko <vda.linux@googlemail.com>	2006-10-31 18:30:56 +0000
committer	Denis Vlasenko <vda.linux@googlemail.com>	2006-10-31 18:30:56 +0000
commit	8c76487f06023f33ea0d92f686b29b958748d3f8 (patch)
tree	e6d873782b45a11ee4d948afc551e5878ed297a9 /loginutils
parent	6ae8079e2d66dd1328a32fba09e9ba6a6a79f0f9 (diff)
download	busybox-8c76487f06023f33ea0d92f686b29b958748d3f8.tar.gz