- (dtucker) [configure.ac sshd.c openbsd-compat/bsd-misc.h
openbsd-compat/setenv.c] Unset KRB5CCNAME on AIX to prevent it from being inherited by the child. ok djm@
This commit is contained in:
Darren Tucker
parent
112aaac0ce
commit
86c093d289
|
|
@ -1,4 +1,4 @@
|
||||||
# $Id: configure.ac,v 1.204 2004/03/03 00:08:59 djm Exp $
|
# $Id: configure.ac,v 1.205 2004/03/08 11:59:03 dtucker Exp $
|
||||||
|
|
||||||
AC_INIT
|
AC_INIT
|
||||||
AC_CONFIG_SRCDIR([ssh.c])
|
AC_CONFIG_SRCDIR([ssh.c])
|
||||||
|
|
@ -802,7 +802,7 @@ AC_CHECK_FUNCS(\
|
||||||
setproctitle setregid setreuid setrlimit \
|
setproctitle setregid setreuid setrlimit \
|
||||||
setsid setvbuf sigaction sigvec snprintf socketpair strerror \
|
setsid setvbuf sigaction sigvec snprintf socketpair strerror \
|
||||||
strlcat strlcpy strmode strnvis strtoul sysconf tcgetpgrp \
|
strlcat strlcpy strmode strnvis strtoul sysconf tcgetpgrp \
|
||||||
truncate updwtmpx utimes vhangup vsnprintf waitpid \
|
truncate unsetenv updwtmpx utimes vhangup vsnprintf waitpid \
|
||||||
)
|
)
|
||||||
|
|
||||||
# IRIX has a const char return value for gai_strerror()
|
# IRIX has a const char return value for gai_strerror()
|
||||||
|
|
|
||||||
|
|
@ -1,4 +1,4 @@
|
||||||
/* $Id: bsd-misc.h,v 1.14 2004/02/17 05:49:55 djm Exp $ */
|
/* $Id: bsd-misc.h,v 1.15 2004/03/08 11:59:03 dtucker Exp $ */
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Copyright (c) 1999-2004 Damien Miller <djm@mindrot.org>
|
* Copyright (c) 1999-2004 Damien Miller <djm@mindrot.org>
|
||||||
|
|
@ -89,6 +89,10 @@ pid_t tcgetpgrp(int);
|
||||||
int tcsendbreak(int, int);
|
int tcsendbreak(int, int);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
#ifndef HAVE_UNSETENV
|
||||||
|
void unsetenv(const char *);
|
||||||
|
#endif
|
||||||
|
|
||||||
/* wrapper for signal interface */
|
/* wrapper for signal interface */
|
||||||
typedef void (*mysig_t)(int);
|
typedef void (*mysig_t)(int);
|
||||||
mysig_t mysignal(int sig, mysig_t act);
|
mysig_t mysignal(int sig, mysig_t act);
|
||||||
|
|
|
||||||
|
|
@ -30,7 +30,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
#ifndef HAVE_SETENV
|
#if !defined(HAVE_SETENV) || !defined(HAVE_UNSETENV)
|
||||||
|
|
||||||
#if defined(LIBC_SCCS) && !defined(lint)
|
#if defined(LIBC_SCCS) && !defined(lint)
|
||||||
static char *rcsid = "$OpenBSD: setenv.c,v 1.6 2003/06/02 20:18:38 millert Exp $";
|
static char *rcsid = "$OpenBSD: setenv.c,v 1.6 2003/06/02 20:18:38 millert Exp $";
|
||||||
|
|
@ -77,6 +77,7 @@ __findenv(name, offset)
|
||||||
return (NULL);
|
return (NULL);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#ifndef HAVE_SETENV
|
||||||
/*
|
/*
|
||||||
* setenv --
|
* setenv --
|
||||||
* Set the value of the environmental variable "name" to be
|
* Set the value of the environmental variable "name" to be
|
||||||
|
|
@ -138,7 +139,9 @@ setenv(name, value, rewrite)
|
||||||
;
|
;
|
||||||
return (0);
|
return (0);
|
||||||
}
|
}
|
||||||
|
#endif /* HAVE_SETENV */
|
||||||
|
|
||||||
|
#ifndef HAVE_UNSETENV
|
||||||
/*
|
/*
|
||||||
* unsetenv(name) --
|
* unsetenv(name) --
|
||||||
* Delete environmental variable "name".
|
* Delete environmental variable "name".
|
||||||
|
|
@ -157,5 +160,6 @@ unsetenv(name)
|
||||||
if (!(*P = *(P + 1)))
|
if (!(*P = *(P + 1)))
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
#endif /* HAVE_UNSETENV */
|
||||||
|
|
||||||
#endif /* HAVE_SETENV */
|
#endif /* !defined(HAVE_SETENV) || !defined(HAVE_UNSETENV) */
|
||||||
|
|
|
||||||
7
sshd.c
7
sshd.c
|
|
@ -939,6 +939,13 @@ main(int ac, char **av)
|
||||||
SYSLOG_FACILITY_AUTH : options.log_facility,
|
SYSLOG_FACILITY_AUTH : options.log_facility,
|
||||||
log_stderr || !inetd_flag);
|
log_stderr || !inetd_flag);
|
||||||
|
|
||||||
|
#ifdef _AIX
|
||||||
|
/*
|
||||||
|
* Unset KRB5CCNAME, otherwise the user's session may inherit it from
|
||||||
|
* root's environment
|
||||||
|
*/
|
||||||
|
unsetenv("KRB5CCNAME");
|
||||||
|
#endif /* _AIX */
|
||||||
#ifdef _UNICOS
|
#ifdef _UNICOS
|
||||||
/* Cray can define user privs drop all prives now!
|
/* Cray can define user privs drop all prives now!
|
||||||
* Not needed on PRIV_SU systems!
|
* Not needed on PRIV_SU systems!
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue