diff options
Diffstat (limited to 'contrib/chroot.diff')
-rw-r--r-- | contrib/chroot.diff | 61 |
1 files changed, 0 insertions, 61 deletions
diff --git a/contrib/chroot.diff b/contrib/chroot.diff deleted file mode 100644 index d2a42d85b..000000000 --- a/contrib/chroot.diff +++ /dev/null | |||
@@ -1,61 +0,0 @@ | |||
1 | From: Ricardo Cerqueira <rmcc@clix.pt> | ||
2 | |||
3 | A patch to cause sshd to chroot when it encounters the magic token | ||
4 | '/./' in a users home directory. The directory portion before the | ||
5 | token is the directory to chroot() to, the portion after the | ||
6 | token is the user's home directory relative to the new root. | ||
7 | |||
8 | Index: session.c | ||
9 | =================================================================== | ||
10 | RCS file: /var/cvs/openssh/session.c,v | ||
11 | retrieving revision 1.4 | ||
12 | diff -u -r1.4 session.c | ||
13 | --- session.c 2000/04/16 02:31:51 1.4 | ||
14 | +++ session.c 2000/04/16 02:47:55 | ||
15 | @@ -27,6 +27,8 @@ | ||
16 | #include "ssh2.h" | ||
17 | #include "auth.h" | ||
18 | |||
19 | +#define CHROOT | ||
20 | + | ||
21 | /* types */ | ||
22 | |||
23 | #define TTYSZ 64 | ||
24 | @@ -783,6 +785,10 @@ | ||
25 | extern char **environ; | ||
26 | struct stat st; | ||
27 | char *argv[10]; | ||
28 | +#ifdef CHROOT | ||
29 | + char *user_dir; | ||
30 | + char *new_root; | ||
31 | +#endif /* CHROOT */ | ||
32 | |||
33 | #ifndef USE_PAM /* pam_nologin handles this */ | ||
34 | f = fopen("/etc/nologin", "r"); | ||
35 | @@ -799,6 +805,26 @@ | ||
36 | /* Set login name in the kernel. */ | ||
37 | if (setlogin(pw->pw_name) < 0) | ||
38 | error("setlogin failed: %s", strerror(errno)); | ||
39 | + | ||
40 | +#ifdef CHROOT | ||
41 | + user_dir = xstrdup(pw->pw_dir); | ||
42 | + new_root = user_dir + 1; | ||
43 | + | ||
44 | + while((new_root = strchr(new_root, '.')) != NULL) { | ||
45 | + new_root--; | ||
46 | + if(strncmp(new_root, "/./", 3) == 0) { | ||
47 | + *new_root = '\0'; | ||
48 | + new_root += 2; | ||
49 | + | ||
50 | + if(chroot(user_dir) != 0) | ||
51 | + fatal("Couldn't chroot to user directory %s", user_dir); | ||
52 | + | ||
53 | + pw->pw_dir = new_root; | ||
54 | + break; | ||
55 | + } | ||
56 | + new_root += 2; | ||
57 | + } | ||
58 | +#endif /* CHROOT */ | ||
59 | |||
60 | /* Set uid, gid, and groups. */ | ||
61 | /* Login(1) does this as well, and it needs uid 0 for the "-h" | ||