- millert@cvs.openbsd.org 2002/05/13 15:53:19

[sshd.c]
     Call setsid() in the child after sshd accepts the connection and forks.
     This is needed for privsep which calls setlogin() when it changes uids.
     Without this, there is a race where the login name of an existing
     connection, as returned by getlogin(), may be changed to the privsep
     user (sshd).  markus@ OK

ChangeLog

@@ -17,6 +17,13 @@
      [auth-options.c auth.c auth.h]
      move the packet_send_debug handling from auth-options.c to auth.c; 
      ok provos@
+   - millert@cvs.openbsd.org 2002/05/13 15:53:19
+     [sshd.c]
+     Call setsid() in the child after sshd accepts the connection and forks.
+     This is needed for privsep which calls setlogin() when it changes uids.
+     Without this, there is a race where the login name of an existing 
+     connection, as returned by getlogin(), may be changed to the privsep 
+     user (sshd).  markus@ OK
 
 20020514
  - (stevesk) [README.privsep] PAM+privsep works with Solaris 8.
@@ -621,4 +628,4 @@
  - (stevesk) entropy.c: typo in debug message
  - (djm) ssh-keygen -i needs seeded RNG; report from markus@
 
-$Id: ChangeLog,v 1.2126 2002/05/15 16:16:14 mouring Exp $
+$Id: ChangeLog,v 1.2127 2002/05/15 16:17:56 mouring Exp $

sshd.c

@@ -42,7 +42,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshd.c,v 1.240 2002/04/23 22:16:29 djm Exp $");
+RCSID("$OpenBSD: sshd.c,v 1.241 2002/05/13 15:53:19 millert Exp $");
 
 #include <openssl/dh.h>
 #include <openssl/bn.h>
@@ -1331,6 +1331,14 @@ main(int ac, char **av)
 
 	/* This is the child processing a new connection. */
 
+	/*
+	 * Create a new session and process group since the 4.4BSD
+	 * setlogin() affects the entire process group.  We don't
+	 * want the child to be able to affect the parent.
+	 */
+	if (setsid() < 0)
+		error("setsid: %.100s", strerror(errno));
+
 	/*
 	 * Disable the key regeneration alarm.  We will not regenerate the
 	 * key since we are no longer in a position to give it to anyone. We