Fixed XSS bugs in pam_login.cgi.
---- Changes since 1.370 ----
Hid the Jabber and Security Sentries modules by default, as the underlying software is no longer supported.
+On Linux systems, sped up the function for finding processes so that it no longer has to launch 'ps' - instead, it reads /proc directly.
# Finds a process by name, and returns a list of matching PIDs
sub find_byname
{
+if ($gconfig{'os_type'} =~ /-linux$/ && -r "/proc/$$/cmdline") {
+ # Linux with /proc filesystem .. use cmdline files, as this is
+ # faster than forking
+ local @pids;
+ opendir(PROCDIR, "/proc");
+ foreach my $f (readdir(PROCDIR)) {
+ if ($f eq int($f)) {
+ local $line = &read_file_contents("/proc/$f/cmdline");
+ if ($line =~ /$_[0]/) {
+ push(@pids, $f);
+ }
+ }
+ }
+ closedir(PROCDIR);
+ return @pids;
+ }
+
if (&foreign_check("proc")) {
# Call the proc module
&foreign_require("proc", "proc-lib.pl");