- (djm) Clear supplemental groups at sshd start to prevent them from
being propogated to random PAM modules. Based on patch from Redhat via Pekka Savola <pekkas@netcore.fi>
This commit is contained in:
Damien Miller
parent
ba6f9f9e49
commit
ebf989e601
|
|
@ -5,6 +5,9 @@
|
||||||
Redhat
|
Redhat
|
||||||
- (djm) Redhat initscript config sanity checking from Pekka Savola
|
- (djm) Redhat initscript config sanity checking from Pekka Savola
|
||||||
<pekkas@netcore.fi>
|
<pekkas@netcore.fi>
|
||||||
|
- (djm) Clear supplemental groups at sshd start to prevent them from
|
||||||
|
being propogated to random PAM modules. Based on patch from Redhat via
|
||||||
|
Pekka Savola <pekkas@netcore.fi>
|
||||||
|
|
||||||
20010914
|
20010914
|
||||||
- (bal) OpenBSD CVS Sync
|
- (bal) OpenBSD CVS Sync
|
||||||
|
|
@ -6436,4 +6439,4 @@
|
||||||
- Wrote replacements for strlcpy and mkdtemp
|
- Wrote replacements for strlcpy and mkdtemp
|
||||||
- Released 1.0pre1
|
- Released 1.0pre1
|
||||||
|
|
||||||
$Id: ChangeLog,v 1.1518 2001/09/15 11:03:10 djm Exp $
|
$Id: ChangeLog,v 1.1519 2001/09/15 11:12:49 djm Exp $
|
||||||
|
|
|
||||||
4
sshd.c
4
sshd.c
|
|
@ -782,6 +782,10 @@ main(int ac, char **av)
|
||||||
log_stderr = 1;
|
log_stderr = 1;
|
||||||
log_init(__progname, options.log_level, options.log_facility, log_stderr);
|
log_init(__progname, options.log_level, options.log_facility, log_stderr);
|
||||||
|
|
||||||
|
/* Make supp. groups don't get propogated to PAM modules */
|
||||||
|
if (setgroups(0, NULL) < 0)
|
||||||
|
fatal("setgroups() failed: %.200s", strerror(errno));
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* If not in debugging mode, and not started from inetd, disconnect
|
* If not in debugging mode, and not started from inetd, disconnect
|
||||||
* from the controlling terminal, and fork. The original process
|
* from the controlling terminal, and fork. The original process
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue