- markus@cvs.openbsd.org 2001/04/06 21:00:17

[auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth2.c channels.c session.c ssh.c sshconnect.c sshconnect.h uidswap.c uidswap.h] do gid/groups-swap in addition to uid-swap, should help if /home/group is chmod 750 + chgrp grp /home/group/, work be deraadt and me, thanks to olar@openwall.com is comments. we had many requests for this.
author: Ben Lindstrom <mouring@eviladmin.org> 2001-04-08 18:26:59 +0000
committer: Ben Lindstrom <mouring@eviladmin.org> 2001-04-08 18:26:59 +0000
commit: 3fcf1a22b52ed8e66d2cf548d5d4528f67377af9 (patch)
tree: b635cae14328f373bb682395ab066ee819dd77c4 /session.c
parent: d344763643339b5ddc075cf7b8c8fb4404dc0aa0 (diff)
1 files changed, 4 insertions, 4 deletions
diff --git a/session.c b/session.c
index 5264ac182..8da799335 100644
--- a/session.c
+++ b/session.c
@@ -33,7 +33,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: session.c,v 1.70 2001/04/05 15:48:18 stevesk Exp $");
+RCSID("$OpenBSD: session.c,v 1.71 2001/04/06 21:00:12 markus Exp $");
 #include "ssh.h"
 #include "ssh1.h"
@@ -365,7 +365,7 @@ do_authenticated1(Authctxt *authctxt)
                        /* Setup to always have a local .Xauthority. */
                        xauthfile = xmalloc(MAXPATHLEN);
                        strlcpy(xauthfile, "/tmp/ssh-XXXXXXXX", MAXPATHLEN);
-                        temporarily_use_uid(s->pw->pw_uid);
+                        temporarily_use_uid(s->pw);
                        if (mkdtemp(xauthfile) == NULL) {
                                restore_uid();
                                error("private X11 dir: mkdtemp %s failed: %s",
@@ -1152,7 +1152,7 @@ do_child(Session *s, const char *command)
 #endif
                        /* Permanently switch to the desired uid. */
-                        permanently_set_uid(pw->pw_uid);
+                        permanently_set_uid(pw);
 # endif /* HAVE_LOGIN_CAP */
                }
 #endif /* HAVE_OSF_SIA */
@@ -1710,7 +1710,7 @@ session_x11_req(Session *s)
        }
        xauthfile = xmalloc(MAXPATHLEN);
        strlcpy(xauthfile, "/tmp/ssh-XXXXXXXX", MAXPATHLEN);
-        temporarily_use_uid(s->pw->pw_uid);
+        temporarily_use_uid(s->pw);
        if (mkdtemp(xauthfile) == NULL) {
                restore_uid();
                error("private X11 dir: mkdtemp %s failed: %s",
author	Ben Lindstrom <mouring@eviladmin.org>	2001-04-08 18:26:59 +0000
committer	Ben Lindstrom <mouring@eviladmin.org>	2001-04-08 18:26:59 +0000
commit	3fcf1a22b52ed8e66d2cf548d5d4528f67377af9 (patch)
tree	b635cae14328f373bb682395ab066ee819dd77c4 /session.c
parent	d344763643339b5ddc075cf7b8c8fb4404dc0aa0 (diff)

diff --git a/session.c b/session.c index 5264ac182..8da799335 100644 --- a/session.c +++ b/session.c
@@ -33,7 +33,7 @@
33	*/	33	*/
34		34
35	#include "includes.h"	35	#include "includes.h"
36	RCSID("$OpenBSD: session.c,v 1.70 2001/04/05 15:48:18 stevesk Exp $");	36	RCSID("$OpenBSD: session.c,v 1.71 2001/04/06 21:00:12 markus Exp $");
37		37
38	#include "ssh.h"	38	#include "ssh.h"
39	#include "ssh1.h"	39	#include "ssh1.h"
@@ -365,7 +365,7 @@ do_authenticated1(Authctxt *authctxt)
365	/* Setup to always have a local .Xauthority. */	365	/* Setup to always have a local .Xauthority. */
366	xauthfile = xmalloc(MAXPATHLEN);	366	xauthfile = xmalloc(MAXPATHLEN);
367	strlcpy(xauthfile, "/tmp/ssh-XXXXXXXX", MAXPATHLEN);	367	strlcpy(xauthfile, "/tmp/ssh-XXXXXXXX", MAXPATHLEN);
368	temporarily_use_uid(s->pw->pw_uid);	368	temporarily_use_uid(s->pw);
369	if (mkdtemp(xauthfile) == NULL) {	369	if (mkdtemp(xauthfile) == NULL) {
370	restore_uid();	370	restore_uid();
371	error("private X11 dir: mkdtemp %s failed: %s",	371	error("private X11 dir: mkdtemp %s failed: %s",
@@ -1152,7 +1152,7 @@ do_child(Session s, const char command)
1152	#endif	1152	#endif
1153		1153
1154	/* Permanently switch to the desired uid. */	1154	/* Permanently switch to the desired uid. */
1155	permanently_set_uid(pw->pw_uid);	1155	permanently_set_uid(pw);
1156	# endif /* HAVE_LOGIN_CAP */	1156	# endif /* HAVE_LOGIN_CAP */
1157	}	1157	}
1158	#endif /* HAVE_OSF_SIA */	1158	#endif /* HAVE_OSF_SIA */
@@ -1710,7 +1710,7 @@ session_x11_req(Session *s)
1710	}	1710	}
1711	xauthfile = xmalloc(MAXPATHLEN);	1711	xauthfile = xmalloc(MAXPATHLEN);
1712	strlcpy(xauthfile, "/tmp/ssh-XXXXXXXX", MAXPATHLEN);	1712	strlcpy(xauthfile, "/tmp/ssh-XXXXXXXX", MAXPATHLEN);
1713	temporarily_use_uid(s->pw->pw_uid);	1713	temporarily_use_uid(s->pw);
1714	if (mkdtemp(xauthfile) == NULL) {	1714	if (mkdtemp(xauthfile) == NULL) {
1715	restore_uid();	1715	restore_uid();
1716	error("private X11 dir: mkdtemp %s failed: %s",	1716	error("private X11 dir: mkdtemp %s failed: %s",