tyler.durden/openssh-portable
1
0
Fork 0
mirror of https://github.com/PowerShell/openssh-portable.git synced 2025-07-31 01:35:11 +02:00
Code Issues Packages Projects Releases Wiki Activity

Check systemwide ssh config file permissions (#483)

Browse Source
This commit is contained in:
bagajjal 2021-03-11 16:49:29 -08:00 committed by GitHub
parent 1a1a2ac5f1
commit 65625c685a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 11 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
ssh.c
View File

@ -550,9 +550,20 @@ process_config_files(const char *host_name, struct passwd *pw, int final_pass,
(final_pass ? SSHCONF_FINAL : 0), want_final_pass); (final_pass ? SSHCONF_FINAL : 0), want_final_pass);
/* Read systemwide configuration file after user config. */ /* Read systemwide configuration file after user config. */
#ifdef WINDOWS
/*
* Windows doesn't have systemwide configuration folder created by default.
* If a non-admin user creates the systemwide folder then systemwide ssh_config inherits parent folder permissions i.e., non-admin user have write permissions.
* This is not desirable. For windows, We make sure the systemwide sshd_config file is not editable by non-admin users.
*/
(void)read_config_file(_PATH_HOST_CONFIG_FILE, pw,
host, host_name, &options, SSHCONF_CHECKPERM |
(final_pass ? SSHCONF_FINAL : 0), want_final_pass);
#else
(void)read_config_file(_PATH_HOST_CONFIG_FILE, pw, (void)read_config_file(_PATH_HOST_CONFIG_FILE, pw,
host, host_name, &options, host, host_name, &options,
final_pass ? SSHCONF_FINAL : 0, want_final_pass); final_pass ? SSHCONF_FINAL : 0, want_final_pass);
#endif
} }
} }