authorsemarie@openbsd.org <semarie@openbsd.org>2015-12-03 17:00:18 +0000
committerDamien Miller <djm@mindrot.org>2015-12-04 15:14:59 +1100
commitb91926a97620f3e51761c271ba57aa5db790f48d (patch)
treeab1f30a7c36b682e33e97ef4dfa852c4abc7f734 /clientloop.c
parentbcce47466bbc974636f588b5e4a9a18ae386f64a (diff)
upstream commit
pledges ssh client: - mux client: which is used when ControlMaster is in use. will end with "stdio proc tty" (proc is to permit sending SIGWINCH to mux master on window resize) - client loop: several levels of pledging depending on the options in use ok deraadt@ Upstream-ID: 21676155a700e51f2ce911e33538e92a2cd1d94b
Diffstat (limited to 'clientloop.c')
-rw-r--r--clientloop.c32
1 files changed, 31 insertions, 1 deletions
diff --git a/clientloop.c b/clientloop.c
index 1e05cba2e..e6e1a5657 100644
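--- a/clientloop.c
+++ b/clientloop.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: clientloop.c,v 1.276 2015/10/20 03:36:35 mmcc Exp $ */
+/* $OpenBSD: clientloop.c,v 1.277 2015/12/03 17:00:18 semarie Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1485,6 +1485,36 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id)
 
  debug("Entering interactive session.");
 
+ if (options.forward_x11 || options.permit_local_command) {
+ debug("pledge: exec");
+ if (pledge("stdio rpath wpath cpath unix inet dns proc exec tty",
+ NULL) == -1)
+ fatal("%s pledge(): %s", __func__, strerror(errno));
+
+ } else if (options.update_hostkeys) {
+ debug("pledge: filesystem full");
+ if (pledge("stdio rpath wpath cpath unix inet dns proc tty",
+ NULL) == -1)
+ fatal("%s pledge(): %s", __func__, strerror(errno));
+
+ } else if (! option_clear_or_none(options.proxy_command)) {
+ debug("pledge: proc");
+ if (pledge("stdio cpath unix inet dns proc tty", NULL) == -1)
+ fatal("%s pledge(): %s", __func__, strerror(errno));
+
+ } else if (options.control_master &&
+ ! option_clear_or_none(options.control_path)) {
+ debug("pledge: filesystem create");
+ if (pledge("stdio cpath unix inet dns tty",
+ NULL) == -1)
+ fatal("%s pledge(): %s", __func__, strerror(errno));
+
+ } else {
+ debug("pledge: network");
+ if (pledge("stdio unix inet dns tty", NULL) == -1)
+ fatal("%s pledge(): %s", __func__, strerror(errno));
+ }
+
  start_time = get_current_time();
 
  /* Initialize variables. */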
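Review bot: The `else if` chain in the second hunk is only correct because each branch's promise string is a superset of every branch below it (the `update_hostkeys` set still carries `proc`, the `proxy_command` set still carries `cpath`), and nothing in the new block states that invariant. I would put a comment above the chain, for example `/* Ordered broadest to narrowest: each promise set must include those of all later branches. */`, plus a short why-comment on promises whose need is not obvious from the condition, such as `cpath` and `proc` in the `proxy_command` branch. The set is also fixed once from `options` at loop entry, so the `control_master` branch looks narrow if the master later has to serve multiplexed clients that need more than its own options implied; this is inferred rather than visible here, and since a missing promise aborts the process it is worth checking against the mux code. client_loop's body starts and ends outside the hunk.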