- (djm) Try to drop supplemental groups at daemon startup. Patch from
RedHat
This commit is contained in:
parent
cfe4a89eef
commit
87aea25f1a
|
@ -2,6 +2,8 @@
|
|||
- (djm) Rework RedHat RPM files. Based on spec from Nalin
|
||||
Dahyabhai <nalin@redhat.com> and patches from
|
||||
Pekka Savola <pekkas@netcore.fi>
|
||||
- (djm) Try to drop supplemental groups at daemon startup. Patch from
|
||||
RedHat
|
||||
|
||||
20020509
|
||||
- (tim) [Makefile.in] Unbreak make -f Makefile.in distprep
|
||||
|
@ -553,4 +555,4 @@
|
|||
- (stevesk) entropy.c: typo in debug message
|
||||
- (djm) ssh-keygen -i needs seeded RNG; report from markus@
|
||||
|
||||
$Id: ChangeLog,v 1.2101 2002/05/10 02:19:23 djm Exp $
|
||||
$Id: ChangeLog,v 1.2102 2002/05/10 02:20:24 djm Exp $
|
||||
|
|
10
sshd.c
10
sshd.c
|
@ -1005,6 +1005,16 @@ main(int ac, char **av)
|
|||
if (test_flag)
|
||||
exit(0);
|
||||
|
||||
/*
|
||||
* Clear out any supplemental groups we may have inherited. This
|
||||
* prevents inadvertent creation of files with bad modes (in the
|
||||
* portable version at least, it's certainly possible for PAM
|
||||
* to create a file, and we can't control the code in every
|
||||
* module which might be used).
|
||||
*/
|
||||
if (setgroups(0, NULL) < 0)
|
||||
debug("setgroups() failed: %.200s", strerror(errno));
|
||||
|
||||
/* Initialize the log (it is reinitialized below in case we forked). */
|
||||
if (debug_flag && !inetd_flag)
|
||||
log_stderr = 1;
|
||||
|
|
Loading…
Reference in New Issue