Corinna Vinschen 2c12a2c32a Cygwin: seteuid: refuse changing uid to disabled or locked out user ...

So far seteuid could change uid to any existing account, given
sufficient permissions of the caller.  This is kind of bad since
it disallows admins to refuse login to disabled or locked out
accounts.

Add check for the account's UF_ACCOUNTDISABLE or UF_LOCKOUT flags
and don't let the user in, if one of the flags is set.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>

2019-01-24 16:24:35 +01:00

..

1.7.10

…

1.7.11

…

1.7.12

…

1.7.13

…

1.7.14

…

1.7.15

…

1.7.16

…

1.7.17

…

1.7.18

…

1.7.19

…

1.7.20

…

1.7.21

…

1.7.22

…

1.7.23

…

1.7.24

…

1.7.25

…

1.7.26

…

1.7.27

…

1.7.28

…

1.7.29

…

1.7.30

…

1.7.31

…

1.7.32

…

1.7.33

…

1.7.34

…

1.7.35

…

2.0.0

…

2.0.1

…

2.0.3

…

2.0.4

…

2.1.0

…

2.2.0

…

2.2.1

…

2.3.0

…

2.3.1

…

2.4.0

…

2.4.1

…

2.5.0

…

2.5.1

…

2.5.2

Add release message for commit 2c83227

2016-06-21 13:43:53 +02:00

2.6.0

Fix passwd getting error 1265 when running on newer Windows

2016-08-31 12:08:34 +02:00

2.6.1

Cygwin: Add release messages for last two checkins

2016-12-13 12:49:02 +01:00

2.7.0

Add release message for commit 609d2b2

2017-02-03 21:54:25 +01:00

2.8.0

Add latest changes to Cygwin release information

2017-03-28 13:42:11 +02:00

2.8.1

Note regtool fix in release message

2017-06-22 14:48:43 +02:00

2.8.2

cygwin: 2.8.2: add missing release message text

2017-07-12 10:49:10 +02:00

2.9.0

cygwin: add strptime %F fix to release notes

2017-08-29 21:12:21 +02:00

2.10.0

cygwin: 2.10.0 release text: fix formatting

2018-01-22 15:32:29 +01:00

2.11.0

Cygwin: Accommodate logon sessions on Windows 10

2018-08-28 11:28:28 +02:00

2.11.1

Cygwin: fix Win32 path ".." backtracking

2018-09-01 21:06:24 +02:00

2.11.2

Cygwin: honor SOCK_NONBLOCK/SOCK_CLOEXEC in socket(2)/socketpair(2)

2018-11-05 21:02:22 +01:00

2.12.0

Cygwin: seteuid: refuse changing uid to disabled or locked out user

2019-01-24 16:24:35 +01:00