- (djm) [session.c] FreeBSD needs setusercontext(..., LOGIN_SETUMASK) to

occur after UID switch; patch from John Marshall via des AT des.no; ok dtucker@
2013-03-15 11:22:37 +11:00 · 2013-03-15 11:22:37 +11:00 · 5852840190
parent f4db77d766
commit 5852840190
2 changed files with 8 additions and 0 deletions
--- a/3
+++ b/3
@ -4,6 +4,9 @@
   des.no
 - (djm) [configure.ac openbsd-compat/bsd-misc.c openbsd-compat/bsd-misc.h]
   Add a usleep replacement for platforms that lack it; ok dtucker
+ - (djm) [session.c] FreeBSD needs setusercontext(..., LOGIN_SETUMASK) to
+   occur after UID switch; patch from John Marshall via des AT des.no;
+   ok dtucker@

 20120312
 - (dtucker) [regress/Makefile regress/cipher-speed.sh regress/test-exec.sh]
--- a/session.c
+++ b/session.c
@ -1520,6 +1520,11 @@ do_setusercontext(struct passwd *pw)
 			perror("unable to set user context (setuser)");
 			exit(1);
 		}
+		/* 
+		 * FreeBSD's setusercontext() will not apply the user's
+		 * own umask setting unless running with the user's UID.
+		 */
+		(void) setusercontext(lc, pw, pw->pw_uid, LOGIN_SETUMASK);
 #else
 		/* Permanently switch to the desired uid. */
 		permanently_set_uid(pw);