diff options
author | Damien Miller <djm@mindrot.org> | 2003-06-02 19:09:48 +1000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2003-06-02 19:09:48 +1000 |
commit | 61d3680acab4704db04b94983d0bc3ac1fbecd84 (patch) | |
tree | 2a70047a2b6d64590c11c6321952cbe9cde1208f | |
parent | ab2db41b6173565461b73f48e97d94ffe0ab9353 (diff) |
- deraadt@cvs.openbsd.org 2003/05/29 16:58:45
[sshd.c uidswap.c]
seteuid and setegid; markus ok
-rw-r--r-- | ChangeLog | 5 | ||||
-rw-r--r-- | sshd.c | 6 | ||||
-rw-r--r-- | uidswap.c | 6 |
3 files changed, 13 insertions, 4 deletions
@@ -12,6 +12,9 @@ | |||
12 | - djm@cvs.openbsd.org 2003/05/26 12:54:40 | 12 | - djm@cvs.openbsd.org 2003/05/26 12:54:40 |
13 | [sshconnect.c] | 13 | [sshconnect.c] |
14 | fix format strings; ok markus@ | 14 | fix format strings; ok markus@ |
15 | - deraadt@cvs.openbsd.org 2003/05/29 16:58:45 | ||
16 | [sshd.c uidswap.c] | ||
17 | seteuid and setegid; markus ok | ||
15 | 18 | ||
16 | 20030530 | 19 | 20030530 |
17 | - (dtucker) Add missing semicolon in md5crypt.c, patch from openssh at | 20 | - (dtucker) Add missing semicolon in md5crypt.c, patch from openssh at |
@@ -1638,4 +1641,4 @@ | |||
1638 | save auth method before monitor_reset_key_state(); bugzilla bug #284; | 1641 | save auth method before monitor_reset_key_state(); bugzilla bug #284; |
1639 | ok provos@ | 1642 | ok provos@ |
1640 | 1643 | ||
1641 | $Id: ChangeLog,v 1.2761 2003/06/02 09:09:13 djm Exp $ | 1644 | $Id: ChangeLog,v 1.2762 2003/06/02 09:09:48 djm Exp $ |
@@ -42,7 +42,7 @@ | |||
42 | */ | 42 | */ |
43 | 43 | ||
44 | #include "includes.h" | 44 | #include "includes.h" |
45 | RCSID("$OpenBSD: sshd.c,v 1.266 2003/05/24 09:30:40 djm Exp $"); | 45 | RCSID("$OpenBSD: sshd.c,v 1.267 2003/05/29 16:58:45 deraadt Exp $"); |
46 | 46 | ||
47 | #include <openssl/dh.h> | 47 | #include <openssl/dh.h> |
48 | #include <openssl/bn.h> | 48 | #include <openssl/bn.h> |
@@ -564,8 +564,10 @@ privsep_preauth_child(void) | |||
564 | do_setusercontext(pw); | 564 | do_setusercontext(pw); |
565 | #else | 565 | #else |
566 | gidset[0] = pw->pw_gid; | 566 | gidset[0] = pw->pw_gid; |
567 | if (setegid(pw->pw_gid) < 0) | ||
568 | fatal("setegid failed for %u", (u_int)pw->pw_gid); | ||
567 | if (setgid(pw->pw_gid) < 0) | 569 | if (setgid(pw->pw_gid) < 0) |
568 | fatal("setgid failed for %u", (u_int)pw->pw_gid ); | 570 | fatal("setgid failed for %u", (u_int)pw->pw_gid); |
569 | if (setgroups(1, gidset) < 0) | 571 | if (setgroups(1, gidset) < 0) |
570 | fatal("setgroups: %.100s", strerror(errno)); | 572 | fatal("setgroups: %.100s", strerror(errno)); |
571 | permanently_set_uid(pw); | 573 | permanently_set_uid(pw); |
@@ -12,7 +12,7 @@ | |||
12 | */ | 12 | */ |
13 | 13 | ||
14 | #include "includes.h" | 14 | #include "includes.h" |
15 | RCSID("$OpenBSD: uidswap.c,v 1.23 2002/07/15 17:15:31 stevesk Exp $"); | 15 | RCSID("$OpenBSD: uidswap.c,v 1.24 2003/05/29 16:58:45 deraadt Exp $"); |
16 | 16 | ||
17 | #include "log.h" | 17 | #include "log.h" |
18 | #include "uidswap.h" | 18 | #include "uidswap.h" |
@@ -147,8 +147,12 @@ permanently_set_uid(struct passwd *pw) | |||
147 | fatal("permanently_set_uid: temporarily_use_uid effective"); | 147 | fatal("permanently_set_uid: temporarily_use_uid effective"); |
148 | debug("permanently_set_uid: %u/%u", (u_int)pw->pw_uid, | 148 | debug("permanently_set_uid: %u/%u", (u_int)pw->pw_uid, |
149 | (u_int)pw->pw_gid); | 149 | (u_int)pw->pw_gid); |
150 | if (setegid(pw->pw_gid) < 0) | ||
151 | fatal("setegid %u: %.100s", (u_int)pw->pw_gid, strerror(errno)); | ||
150 | if (setgid(pw->pw_gid) < 0) | 152 | if (setgid(pw->pw_gid) < 0) |
151 | fatal("setgid %u: %.100s", (u_int)pw->pw_gid, strerror(errno)); | 153 | fatal("setgid %u: %.100s", (u_int)pw->pw_gid, strerror(errno)); |
154 | if (seteuid(pw->pw_uid) < 0) | ||
155 | fatal("seteuid %u: %.100s", (u_int)pw->pw_uid, strerror(errno)); | ||
152 | if (setuid(pw->pw_uid) < 0) | 156 | if (setuid(pw->pw_uid) < 0) |
153 | fatal("setuid %u: %.100s", (u_int)pw->pw_uid, strerror(errno)); | 157 | fatal("setuid %u: %.100s", (u_int)pw->pw_uid, strerror(errno)); |
154 | } | 158 | } |