Hello,

I've noticed that ssh always opens /etc/passwd
on my Linux box before parsing command line options, and so the file is
opened even if the user is afterward presented with the usage and the
program ends.
So, this snippet in OpenSSH-4.2p1,
ssh.c: 219
/* Get user data. */
pw = getpwuid(original_real_uid);
if (!pw) {
logit("You don't exist, go away!");
exit(1);
}
/* Take a copy of the returned structure. */
pw = pwcopy(pw);

should probably be moved after options scanning, for example at
ssh: 515, after:
/* Check that we got a host name. */
if (!host)
usage();

I tested this and nothing seems to be broken by it. I can submit a patch
if it is wanted.

Cornel

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
http://www.mindrot.org/mailman/listi...enssh-unix-dev