diff options
| author | Ben Lindstrom <mouring@eviladmin.org> | 2002-05-15 16:17:56 +0000 |
|---|---|---|
| committer | Ben Lindstrom <mouring@eviladmin.org> | 2002-05-15 16:17:56 +0000 |
| commit | 17401b6b772213ae466cb3ac287b4980ff9f7d0d (patch) | |
| tree | 8dde6c72117e92007bbfd4ae6f7d17eecb309b35 | |
| parent | a574cda45b5d3c3363520ef9e4aa3aaa5888c078 (diff) | |
- millert@cvs.openbsd.org 2002/05/13 15:53:19
[sshd.c]
Call setsid() in the child after sshd accepts the connection and forks.
This is needed for privsep which calls setlogin() when it changes uids.
Without this, there is a race where the login name of an existing
connection, as returned by getlogin(), may be changed to the privsep
user (sshd). markus@ OK
| -rw-r--r-- | ChangeLog | 9 | ||||
| -rw-r--r-- | sshd.c | 10 |
2 files changed, 17 insertions, 2 deletions
| @@ -17,6 +17,13 @@ | |||
| 17 | [auth-options.c auth.c auth.h] | 17 | [auth-options.c auth.c auth.h] |
| 18 | move the packet_send_debug handling from auth-options.c to auth.c; | 18 | move the packet_send_debug handling from auth-options.c to auth.c; |
| 19 | ok provos@ | 19 | ok provos@ |
| 20 | - millert@cvs.openbsd.org 2002/05/13 15:53:19 | ||
| 21 | [sshd.c] | ||
| 22 | Call setsid() in the child after sshd accepts the connection and forks. | ||
| 23 | This is needed for privsep which calls setlogin() when it changes uids. | ||
| 24 | Without this, there is a race where the login name of an existing | ||
| 25 | connection, as returned by getlogin(), may be changed to the privsep | ||
| 26 | user (sshd). markus@ OK | ||
| 20 | 27 | ||
| 21 | 20020514 | 28 | 20020514 |
| 22 | - (stevesk) [README.privsep] PAM+privsep works with Solaris 8. | 29 | - (stevesk) [README.privsep] PAM+privsep works with Solaris 8. |
| @@ -621,4 +628,4 @@ | |||
| 621 | - (stevesk) entropy.c: typo in debug message | 628 | - (stevesk) entropy.c: typo in debug message |
| 622 | - (djm) ssh-keygen -i needs seeded RNG; report from markus@ | 629 | - (djm) ssh-keygen -i needs seeded RNG; report from markus@ |
| 623 | 630 | ||
| 624 | $Id: ChangeLog,v 1.2126 2002/05/15 16:16:14 mouring Exp $ | 631 | $Id: ChangeLog,v 1.2127 2002/05/15 16:17:56 mouring Exp $ |
| @@ -42,7 +42,7 @@ | |||
| 42 | */ | 42 | */ |
| 43 | 43 | ||
| 44 | #include "includes.h" | 44 | #include "includes.h" |
| 45 | RCSID("$OpenBSD: sshd.c,v 1.240 2002/04/23 22:16:29 djm Exp $"); | 45 | RCSID("$OpenBSD: sshd.c,v 1.241 2002/05/13 15:53:19 millert Exp $"); |
| 46 | 46 | ||
| 47 | #include <openssl/dh.h> | 47 | #include <openssl/dh.h> |
| 48 | #include <openssl/bn.h> | 48 | #include <openssl/bn.h> |
| @@ -1332,6 +1332,14 @@ main(int ac, char **av) | |||
| 1332 | /* This is the child processing a new connection. */ | 1332 | /* This is the child processing a new connection. */ |
| 1333 | 1333 | ||
| 1334 | /* | 1334 | /* |
| 1335 | * Create a new session and process group since the 4.4BSD | ||
| 1336 | * setlogin() affects the entire process group. We don't | ||
| 1337 | * want the child to be able to affect the parent. | ||
| 1338 | */ | ||
| 1339 | if (setsid() < 0) | ||
| 1340 | error("setsid: %.100s", strerror(errno)); | ||
| 1341 | |||
| 1342 | /* | ||
| 1335 | * Disable the key regeneration alarm. We will not regenerate the | 1343 | * Disable the key regeneration alarm. We will not regenerate the |
| 1336 | * key since we are no longer in a position to give it to anyone. We | 1344 | * key since we are no longer in a position to give it to anyone. We |
| 1337 | * will not restart on SIGHUP since it no longer makes sense. | 1345 | * will not restart on SIGHUP since it no longer makes sense. |