- djm@cvs.openbsd.org 2013/04/19 01:03:01
[session.c] reintroduce 1.262 without the connection-killing bug: fatal() when ChrootDirectory specified by running without root privileges; ok markus@
This commit is contained in:
parent
0d6771b464
commit
a56086b990
|
@ -64,6 +64,11 @@
|
|||
- djm@cvs.openbsd.org 2013/04/19 01:01:00
|
||||
[ssh-keygen.c]
|
||||
fix some memory leaks; bz#2088 ok dtucker@
|
||||
- djm@cvs.openbsd.org 2013/04/19 01:03:01
|
||||
[session.c]
|
||||
reintroduce 1.262 without the connection-killing bug:
|
||||
fatal() when ChrootDirectory specified by running without root privileges;
|
||||
ok markus@
|
||||
|
||||
20130418
|
||||
- (djm) [config.guess config.sub] Update to last versions before they switch
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: session.c,v 1.263 2013/04/17 09:04:09 dtucker Exp $ */
|
||||
/* $OpenBSD: session.c,v 1.264 2013/04/19 01:03:01 djm Exp $ */
|
||||
/*
|
||||
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
||||
* All rights reserved
|
||||
|
@ -1513,6 +1513,9 @@ do_setusercontext(struct passwd *pw)
|
|||
safely_chroot(chroot_path, pw->pw_uid);
|
||||
free(tmp);
|
||||
free(chroot_path);
|
||||
/* Make sure we don't attempt to chroot again */
|
||||
free(options.chroot_directory);
|
||||
options.chroot_directory = NULL;
|
||||
}
|
||||
|
||||
#ifdef HAVE_LOGIN_CAP
|
||||
|
@ -1529,6 +1532,9 @@ do_setusercontext(struct passwd *pw)
|
|||
/* Permanently switch to the desired uid. */
|
||||
permanently_set_uid(pw);
|
||||
#endif
|
||||
} else if (options.chroot_directory != NULL &&
|
||||
strcasecmp(options.chroot_directory, "none") != 0) {
|
||||
fatal("server lacks privileges to chroot to ChrootDirectory");
|
||||
}
|
||||
|
||||
if (getuid() != pw->pw_uid || geteuid() != pw->pw_uid)
|
||||
|
|
Loading…
Reference in New Issue