diff options
author | djm@openbsd.org <djm@openbsd.org> | 2020-07-03 07:02:37 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2020-07-03 17:03:54 +1000 |
commit | 20b5fab9f773b3d3c7f06cb15b8f69a2c081ee80 (patch) | |
tree | 826fcc6e509cb65556b053e934f42e0cba706b45 | |
parent | c8935081db35d73ee6355999142fa0776a2af912 (diff) |
upstream: avoid tilde_expand_filename() in expanding ~/.ssh/rc - if
sshd is in chroot mode, the likely absence of a password database will cause
tilde_expand_filename() to fatal; ok dtucker@
OpenBSD-Commit-ID: e20aee6159e8b79190d18dba1513fc1b7c8b7ee1
-rw-r--r-- | session.c | 4 |
1 files changed, 2 insertions, 2 deletions
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: session.c,v 1.321 2020/07/03 06:46:41 djm Exp $ */ | 1 | /* $OpenBSD: session.c,v 1.322 2020/07/03 07:02:37 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 3 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
4 | * All rights reserved | 4 | * All rights reserved |
@@ -1212,7 +1212,7 @@ do_rc_files(struct ssh *ssh, Session *s, const char *shell) | |||
1212 | 1212 | ||
1213 | do_xauth = | 1213 | do_xauth = |
1214 | s->display != NULL && s->auth_proto != NULL && s->auth_data != NULL; | 1214 | s->display != NULL && s->auth_proto != NULL && s->auth_data != NULL; |
1215 | user_rc = tilde_expand_filename("~/" _PATH_SSH_USER_RC, getuid()); | 1215 | xasprintf(&user_rc, "%s/%s", s->pw->pw_dir, _PATH_SSH_USER_RC); |
1216 | 1216 | ||
1217 | /* ignore _PATH_SSH_USER_RC for subsystems and admin forced commands */ | 1217 | /* ignore _PATH_SSH_USER_RC for subsystems and admin forced commands */ |
1218 | if (!s->is_subsystem && options.adm_forced_command == NULL && | 1218 | if (!s->is_subsystem && options.adm_forced_command == NULL && |