- markus@cvs.openbsd.org 2001/04/06 21:00:17

[auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth2.c channels.c session.c ssh.c sshconnect.c sshconnect.h uidswap.c uidswap.h] do gid/groups-swap in addition to uid-swap, should help if /home/group is chmod 750 + chgrp grp /home/group/, work be deraadt and me, thanks to olar@openwall.com is comments. we had many requests for this.
author: Ben Lindstrom <mouring@eviladmin.org> 2001-04-08 18:26:59 +0000
committer: Ben Lindstrom <mouring@eviladmin.org> 2001-04-08 18:26:59 +0000
commit: 3fcf1a22b52ed8e66d2cf548d5d4528f67377af9 (patch)
tree: b635cae14328f373bb682395ab066ee819dd77c4 /channels.c
parent: d344763643339b5ddc075cf7b8c8fb4404dc0aa0 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/channels.c b/channels.c
index 6ca31b840..d5526fb83 100644
--- a/channels.c
+++ b/channels.c
@@ -40,7 +40,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: channels.c,v 1.101 2001/04/05 10:42:48 markus Exp $");
+RCSID("$OpenBSD: channels.c,v 1.102 2001/04/06 21:00:10 markus Exp $");
 #include <openssl/rsa.h>
 #include <openssl/dsa.h>
@@ -2410,7 +2410,7 @@ auth_input_request_forwarding(struct passwd * pw)
                fatal("Protocol error: authentication forwarding requested twice.");
        /* Temporarily drop privileged uid for mkdir/bind. */
-        temporarily_use_uid(pw->pw_uid);
+        temporarily_use_uid(pw);
        /* Allocate a buffer for the socket name, and format the name. */
        channel_forwarded_auth_socket_name = xmalloc(MAX_SOCKET_NAME);
author	Ben Lindstrom <mouring@eviladmin.org>	2001-04-08 18:26:59 +0000
committer	Ben Lindstrom <mouring@eviladmin.org>	2001-04-08 18:26:59 +0000
commit	3fcf1a22b52ed8e66d2cf548d5d4528f67377af9 (patch)
tree	b635cae14328f373bb682395ab066ee819dd77c4 /channels.c
parent	d344763643339b5ddc075cf7b8c8fb4404dc0aa0 (diff)

diff --git a/channels.c b/channels.c index 6ca31b840..d5526fb83 100644 --- a/channels.c +++ b/channels.c
@@ -40,7 +40,7 @@
40	*/	40	*/
41		41
42	#include "includes.h"	42	#include "includes.h"
43	RCSID("$OpenBSD: channels.c,v 1.101 2001/04/05 10:42:48 markus Exp $");	43	RCSID("$OpenBSD: channels.c,v 1.102 2001/04/06 21:00:10 markus Exp $");
44		44
45	#include <openssl/rsa.h>	45	#include <openssl/rsa.h>
46	#include <openssl/dsa.h>	46	#include <openssl/dsa.h>
@@ -2410,7 +2410,7 @@ auth_input_request_forwarding(struct passwd * pw)
2410	fatal("Protocol error: authentication forwarding requested twice.");	2410	fatal("Protocol error: authentication forwarding requested twice.");
2411		2411
2412	/* Temporarily drop privileged uid for mkdir/bind. */	2412	/* Temporarily drop privileged uid for mkdir/bind. */
2413	temporarily_use_uid(pw->pw_uid);	2413	temporarily_use_uid(pw);
2414		2414
2415	/* Allocate a buffer for the socket name, and format the name. */	2415	/* Allocate a buffer for the socket name, and format the name. */
2416	channel_forwarded_auth_socket_name = xmalloc(MAX_SOCKET_NAME);	2416	channel_forwarded_auth_socket_name = xmalloc(MAX_SOCKET_NAME);