- stevesk@cvs.openbsd.org 2002/03/20 19:12:25
[servconf.c servconf.h ssh.h sshd.c]
for unprivileged user, group do:
pw=getpwnam(SSH_PRIVSEP_USER); do_setusercontext(pw). ok provos@
This commit is contained in:
Ben Lindstrom
parent
f34e4eb6c7
commit
c743134191
|
|
@ -100,6 +100,10 @@
|
|||
- markus@cvs.openbsd.org 2002/03/19 15:31:47
|
||||
[auth.c]
|
||||
check for NULL; from provos@
|
||||
- stevesk@cvs.openbsd.org 2002/03/20 19:12:25
|
||||
[servconf.c servconf.h ssh.h sshd.c]
|
||||
for unprivileged user, group do:
|
||||
pw=getpwnam(SSH_PRIVSEP_USER); do_setusercontext(pw). ok provos@
|
||||
|
||||
20020317
|
||||
- (tim) [configure.ac] Assume path given with --with-pid-dir=PATH is wanted,
|
||||
|
|
@ -7946,4 +7950,4 @@
|
|||
- Wrote replacements for strlcpy and mkdtemp
|
||||
- Released 1.0pre1
|
||||
|
||||
$Id: ChangeLog,v 1.1953 2002/03/22 03:08:30 mouring Exp $
|
||||
$Id: ChangeLog,v 1.1954 2002/03/22 03:11:49 mouring Exp $
|
||||
|
|
|
|||
21
servconf.c
21
servconf.c
|
|
@ -10,7 +10,7 @@
|
|||
*/
|
||||
|
||||
#include "includes.h"
|
||||
RCSID("$OpenBSD: servconf.c,v 1.104 2002/03/19 03:03:43 stevesk Exp $");
|
||||
RCSID("$OpenBSD: servconf.c,v 1.105 2002/03/20 19:12:24 stevesk Exp $");
|
||||
|
||||
#if defined(KRB4) || defined(KRB5)
|
||||
#include <krb.h>
|
||||
|
|
@ -113,9 +113,6 @@ initialize_server_options(ServerOptions *options)
|
|||
options->authorized_keys_file = NULL;
|
||||
options->authorized_keys_file2 = NULL;
|
||||
|
||||
options->unprivileged_user = -1;
|
||||
options->unprivileged_group = -1;
|
||||
|
||||
/* Needs to be accessable in many places */
|
||||
use_privsep = -1;
|
||||
}
|
||||
|
|
@ -247,10 +244,6 @@ fill_default_server_options(ServerOptions *options)
|
|||
/* Turn privilege separation _off_ by default */
|
||||
if (use_privsep == -1)
|
||||
use_privsep = 0;
|
||||
if (options->unprivileged_user == -1)
|
||||
options->unprivileged_user = 32767;
|
||||
if (options->unprivileged_group == -1)
|
||||
options->unprivileged_group = 32767;
|
||||
}
|
||||
|
||||
/* Keyword tokens. */
|
||||
|
|
@ -283,7 +276,7 @@ typedef enum {
|
|||
sBanner, sVerifyReverseMapping, sHostbasedAuthentication,
|
||||
sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
|
||||
sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
|
||||
sUsePrivilegeSeparation, sUnprivUser, sUnprivGroup,
|
||||
sUsePrivilegeSeparation,
|
||||
sDeprecated
|
||||
} ServerOpCodes;
|
||||
|
||||
|
|
@ -360,8 +353,6 @@ static struct {
|
|||
{ "authorizedkeysfile", sAuthorizedKeysFile },
|
||||
{ "authorizedkeysfile2", sAuthorizedKeysFile2 },
|
||||
{ "useprivilegeseparation", sUsePrivilegeSeparation},
|
||||
{ "unprivuser", sUnprivUser},
|
||||
{ "unprivgroup", sUnprivGroup},
|
||||
{ NULL, sBadOption }
|
||||
};
|
||||
|
||||
|
|
@ -742,14 +733,6 @@ parse_flag:
|
|||
intptr = &use_privsep;
|
||||
goto parse_flag;
|
||||
|
||||
case sUnprivUser:
|
||||
intptr = &options->unprivileged_user;
|
||||
goto parse_int;
|
||||
|
||||
case sUnprivGroup:
|
||||
intptr = &options->unprivileged_group;
|
||||
goto parse_int;
|
||||
|
||||
case sAllowUsers:
|
||||
while ((arg = strdelim(&cp)) && *arg != '\0') {
|
||||
if (options->num_allow_users >= MAX_ALLOW_USERS)
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: servconf.h,v 1.56 2002/03/19 03:03:43 stevesk Exp $ */
|
||||
/* $OpenBSD: servconf.h,v 1.57 2002/03/20 19:12:25 stevesk Exp $ */
|
||||
|
||||
/*
|
||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||
|
|
@ -130,9 +130,6 @@ typedef struct {
|
|||
char *authorized_keys_file; /* File containing public keys */
|
||||
char *authorized_keys_file2;
|
||||
int pam_authentication_via_kbd_int;
|
||||
|
||||
int unprivileged_user; /* User unprivileged child uses */
|
||||
int unprivileged_group; /* Group unprivileged child uses */
|
||||
} ServerOptions;
|
||||
|
||||
void initialize_server_options(ServerOptions *);
|
||||
|
|
|
|||
9
ssh.h
9
ssh.h
|
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: ssh.h,v 1.64 2002/03/04 17:27:39 stevesk Exp $ */
|
||||
/* $OpenBSD: ssh.h,v 1.65 2002/03/20 19:12:25 stevesk Exp $ */
|
||||
|
||||
/*
|
||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||
|
|
@ -99,4 +99,11 @@
|
|||
/* Used to identify ``EscapeChar none'' */
|
||||
#define SSH_ESCAPECHAR_NONE -2
|
||||
|
||||
/*
|
||||
* unprivileged user when UsePrivilegeSeparation=yes;
|
||||
* sshd will change its pivileges to this user and its
|
||||
* primary group.
|
||||
*/
|
||||
#define SSH_PRIVSEP_USER "nobody"
|
||||
|
||||
#endif /* SSH_H */
|
||||
|
|
|
|||
15
sshd.c
15
sshd.c
|
|
@ -42,7 +42,7 @@
|
|||
*/
|
||||
|
||||
#include "includes.h"
|
||||
RCSID("$OpenBSD: sshd.c,v 1.234 2002/03/19 10:49:35 markus Exp $");
|
||||
RCSID("$OpenBSD: sshd.c,v 1.235 2002/03/20 19:12:25 stevesk Exp $");
|
||||
|
||||
#include <openssl/dh.h>
|
||||
#include <openssl/bn.h>
|
||||
|
|
@ -521,6 +521,7 @@ privsep_preauth_child(void)
|
|||
{
|
||||
u_int32_t rand[256];
|
||||
int i;
|
||||
struct passwd *pw;
|
||||
|
||||
/* Enable challenge-response authentication for privilege separation */
|
||||
privsep_challenge_enable();
|
||||
|
|
@ -532,6 +533,11 @@ privsep_preauth_child(void)
|
|||
/* Demote the private keys to public keys. */
|
||||
demote_sensitive_data();
|
||||
|
||||
if ((pw = getpwnam(SSH_PRIVSEP_USER)) == NULL)
|
||||
fatal("%s: no user", SSH_PRIVSEP_USER);
|
||||
memset(pw->pw_passwd, 0, strlen(pw->pw_passwd));
|
||||
endpwent();
|
||||
|
||||
/* Change our root directory*/
|
||||
if (chroot(_PATH_PRIVSEP_CHROOT_DIR) == -1)
|
||||
fatal("chroot(\"%s\"): %s", _PATH_PRIVSEP_CHROOT_DIR,
|
||||
|
|
@ -540,10 +546,9 @@ privsep_preauth_child(void)
|
|||
fatal("chdir(/)");
|
||||
|
||||
/* Drop our privileges */
|
||||
setegid(options.unprivileged_group);
|
||||
setgid(options.unprivileged_group);
|
||||
seteuid(options.unprivileged_user);
|
||||
setuid(options.unprivileged_user);
|
||||
debug3("privsep user:group %u:%u", (u_int)pw->pw_uid,
|
||||
(u_int)pw->pw_gid);
|
||||
do_setusercontext(pw);
|
||||
}
|
||||
|
||||
static void
|
||||
|
|
|
|||
Loading…
Reference in New Issue