tyler.durden
/
openssh-portable
mirror of https://github.com/PowerShell/openssh-portable.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

- (dtucker) [sandbox-capsicum.c] Correct some error messages and make the 

return value check for cap_enter() consistent with the other uses in
   FreeBSD.  From by Loganaden Velvindron @ AfriNIC via bz#2140.
This commit is contained in:
Darren Tucker 2014-01-18 22:12:15 +11:00
parent fdce373166
commit 841f7da89a
2 changed files with 6 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
ChangeLog
View File

@ -14,6 +14,9 @@
declspec(dllimport). The least intrusive way to get rid of these warnings declspec(dllimport). The least intrusive way to get rid of these warnings
is to disable warnings for GCC compiler attributes when building on Cygwin. is to disable warnings for GCC compiler attributes when building on Cygwin.
Patch from vinschen at redhat.com. Patch from vinschen at redhat.com.
- (dtucker) [sandbox-capsicum.c] Correct some error messages and make the
return value check for cap_enter() consistent with the other uses in
FreeBSD. From by Loganaden Velvindron @ AfriNIC via bz#2140.
20140117 20140117
- (dtucker) [aclocal.m4 configure.ac] Add some additional compiler/toolchain - (dtucker) [aclocal.m4 configure.ac] Add some additional compiler/toolchain

6
sandbox-capsicum.c
View File

@ -87,9 +87,9 @@ ssh_sandbox_child(struct ssh_sandbox *box)
if (cap_rights_limit(STDIN_FILENO, &rights) < 0 && errno != ENOSYS) if (cap_rights_limit(STDIN_FILENO, &rights) < 0 && errno != ENOSYS)
fatal("can't limit stdin: %m"); fatal("can't limit stdin: %m");
if (cap_rights_limit(STDOUT_FILENO, &rights) < 0 && errno != ENOSYS) if (cap_rights_limit(STDOUT_FILENO, &rights) < 0 && errno != ENOSYS)
fatal("can't limit stdin: %m"); fatal("can't limit stdout: %m");
if (cap_rights_limit(STDERR_FILENO, &rights) < 0 && errno != ENOSYS) if (cap_rights_limit(STDERR_FILENO, &rights) < 0 && errno != ENOSYS)
fatal("can't limit stdin: %m"); fatal("can't limit stderr: %m");
cap_rights_init(&rights, CAP_READ, CAP_WRITE); cap_rights_init(&rights, CAP_READ, CAP_WRITE);
if (cap_rights_limit(box->monitor->m_recvfd, &rights) == -1) if (cap_rights_limit(box->monitor->m_recvfd, &rights) == -1)
@ -97,7 +97,7 @@ ssh_sandbox_child(struct ssh_sandbox *box)
cap_rights_init(&rights, CAP_WRITE); cap_rights_init(&rights, CAP_WRITE);
if (cap_rights_limit(box->monitor->m_log_sendfd, &rights) == -1) if (cap_rights_limit(box->monitor->m_log_sendfd, &rights) == -1)
fatal("%s: failed to limit the logging socket", __func__); fatal("%s: failed to limit the logging socket", __func__);
if (cap_enter() != 0 && errno != ENOSYS) if (cap_enter() < 0 && errno != ENOSYS)
fatal("%s: failed to enter capability mode", __func__); fatal("%s: failed to enter capability mode", __func__);
} }