From 538f1819d8fb22c7e3b3a5ee99c406f296c86335 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Thu, 12 Sep 2002 09:51:10 +1000 Subject: [PATCH] - markus@cvs.openbsd.org 2002/09/10 20:24:47 [ssh-agent.c] check the euid of the connecting process with getpeereid(2); ok provos deraadt stevesk --- ChangeLog | 6 +++++- ssh-agent.c | 17 ++++++++++++++++- 2 files changed, 21 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index 8b1d28722..5ee66174f 100644 --- a/ChangeLog +++ b/ChangeLog @@ -11,6 +11,10 @@ - markus@cvs.openbsd.org 2002/09/09 14:54:15 [channels.c kex.h key.c monitor.c monitor_wrap.c radix.c uuencode.c] signed vs unsigned from -pedantic; ok henning@ + - markus@cvs.openbsd.org 2002/09/10 20:24:47 + [ssh-agent.c] + check the euid of the connecting process with getpeereid(2); + ok provos deraadt stevesk 20020911 - (djm) Sync openbsd-compat with OpenBSD -current @@ -1631,4 +1635,4 @@ - (stevesk) entropy.c: typo in debug message - (djm) ssh-keygen -i needs seeded RNG; report from markus@ -$Id: ChangeLog,v 1.2454 2002/09/11 23:49:15 djm Exp $ +$Id: ChangeLog,v 1.2455 2002/09/11 23:51:10 djm Exp $ diff --git a/ssh-agent.c b/ssh-agent.c index 0bfef4dce..312f2269d 100644 --- a/ssh-agent.c +++ b/ssh-agent.c @@ -35,7 +35,7 @@ #include "includes.h" #include "openbsd-compat/fake-queue.h" -RCSID("$OpenBSD: ssh-agent.c,v 1.102 2002/08/22 20:57:19 stevesk Exp $"); +RCSID("$OpenBSD: ssh-agent.c,v 1.103 2002/09/10 20:24:47 markus Exp $"); #include #include @@ -810,6 +810,8 @@ after_select(fd_set *readset, fd_set *writeset) char buf[1024]; int len, sock; u_int i; + uid_t euid; + gid_t egid; for (i = 0; i < sockets_alloc; i++) switch (sockets[i].type) { @@ -825,6 +827,19 @@ after_select(fd_set *readset, fd_set *writeset) strerror(errno)); break; } + if (getpeereid(sock, &euid, &egid) < 0) { + error("getpeereid %d failed: %s", + sock, strerror(errno)); + close(sock); + break; + } + if (getuid() != euid) { + error("uid mismatch: " + "peer euid %d != uid %d", + (int) euid, (int) getuid()); + close(sock); + break; + } new_socket(AUTH_CONNECTION, sock); } break;