tyler.durden
/
openssh-portable
mirror of https://github.com/PowerShell/openssh-portable.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

- (djm) [session.c] call setexeccon() before executing passwd for pw 

changes; bz#1891 reported by jchadima AT redhat.com; ok dtucker@
This commit is contained in:
Damien Miller 2011-05-20 11:23:07 +10:00
parent 23f425b48b
commit 14684a1f84
2 changed files with 11 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
ChangeLog
View File

@ -1,3 +1,7 @@
20110520
- (djm) [session.c] call setexeccon() before executing passwd for pw
changes; bz#1891 reported by jchadima AT redhat.com; ok dtucker@
20110515 20110515
- (djm) OpenBSD CVS Sync - (djm) OpenBSD CVS Sync
- djm@cvs.openbsd.org 2011/05/05 05:12:08 - djm@cvs.openbsd.org 2011/05/05 05:12:08

7
session.c
View File

@ -96,6 +96,10 @@
#include <kafs.h> #include <kafs.h>
#endif #endif
#ifdef WITH_SELINUX
#include <selinux/selinux.h>
#endif
#define IS_INTERNAL_SFTP(c) \ #define IS_INTERNAL_SFTP(c) \
(!strncmp(c, INTERNAL_SFTP_NAME, sizeof(INTERNAL_SFTP_NAME) - 1) && \ (!strncmp(c, INTERNAL_SFTP_NAME, sizeof(INTERNAL_SFTP_NAME) - 1) && \
(c[sizeof(INTERNAL_SFTP_NAME) - 1] == '\0' || \ (c[sizeof(INTERNAL_SFTP_NAME) - 1] == '\0' || \
@ -1531,6 +1535,9 @@ do_pwchange(Session *s)
if (s->ttyfd != -1) { if (s->ttyfd != -1) {
fprintf(stderr, fprintf(stderr,
"You must change your password now and login again!\n"); "You must change your password now and login again!\n");
#ifdef WITH_SELINUX
setexeccon(NULL);
#endif
#ifdef PASSWD_NEEDS_USERNAME #ifdef PASSWD_NEEDS_USERNAME
execl(_PATH_PASSWD_PROG, "passwd", s->pw->pw_name, execl(_PATH_PASSWD_PROG, "passwd", s->pw->pw_name,
(char *)NULL); (char *)NULL);