tyler.durden/openssh-portable
1
0
Fork 0
mirror of https://github.com/PowerShell/openssh-portable.git synced 2025-07-27 07:44:29 +02:00
Code Issues Packages Projects Releases Wiki Activity

retain Solaris PRIV_FILE_LINK_ANY in sftp-server

Browse Source 
Dropping this privilege removes the ability to create hard links to
files owned by other users. This is required for the legacy sftp rename
operation.

bz#3036; approach ok Alex Wilson (the original author of the Solaris
sandbox/pledge replacement code)
This commit is contained in:
Damien Miller 2019-09-02 10:22:02 +10:00
parent e50f808712
commit 6b7c53498d
1 changed files with 1 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
openbsd-compat/port-solaris.c
View File

@ -284,11 +284,10 @@ solaris_drop_privs_pinfo_net_fork_exec(void)
priv_addset(npset, PRIV_FILE_OWNER) != 0) priv_addset(npset, PRIV_FILE_OWNER) != 0)
fatal("priv_addset: %s", strerror(errno)); fatal("priv_addset: %s", strerror(errno));
if (priv_delset(npset, PRIV_FILE_LINK_ANY) != 0 || if (priv_delset(npset, PRIV_PROC_EXEC) != 0 ||
#ifdef PRIV_NET_ACCESS #ifdef PRIV_NET_ACCESS
priv_delset(npset, PRIV_NET_ACCESS) != 0 || priv_delset(npset, PRIV_NET_ACCESS) != 0 ||
#endif #endif
priv_delset(npset, PRIV_PROC_EXEC) != 0 ||
priv_delset(npset, PRIV_PROC_FORK) != 0 || priv_delset(npset, PRIV_PROC_FORK) != 0 ||
priv_delset(npset, PRIV_PROC_INFO) != 0 || priv_delset(npset, PRIV_PROC_INFO) != 0 ||
priv_delset(npset, PRIV_PROC_SESSION) != 0) priv_delset(npset, PRIV_PROC_SESSION) != 0)