summaryrefslogtreecommitdiff
path: root/debian/patches/user-group-modes.patch
diff options
context:
space:
mode:
Diffstat (limited to 'debian/patches/user-group-modes.patch')
-rw-r--r--debian/patches/user-group-modes.patch34
1 files changed, 17 insertions, 17 deletions
diff --git a/debian/patches/user-group-modes.patch b/debian/patches/user-group-modes.patch
index bc2390e06..899c60123 100644
--- a/debian/patches/user-group-modes.patch
+++ b/debian/patches/user-group-modes.patch
@@ -1,4 +1,4 @@
1From 7b931d36ad36a93d2b1811858ca29408ec44ecae Mon Sep 17 00:00:00 2001 1From e04a43bd5798ba43d910493d179438845e96f631 Mon Sep 17 00:00:00 2001
2From: Colin Watson <cjwatson@debian.org> 2From: Colin Watson <cjwatson@debian.org>
3Date: Sun, 9 Feb 2014 16:09:58 +0000 3Date: Sun, 9 Feb 2014 16:09:58 +0000
4Subject: Allow harmless group-writability 4Subject: Allow harmless group-writability
@@ -13,7 +13,7 @@ default.
13 13
14Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1060 14Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1060
15Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=314347 15Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=314347
16Last-Update: 2017-10-04 16Last-Update: 2019-06-05
17 17
18Patch-Name: user-group-modes.patch 18Patch-Name: user-group-modes.patch
19--- 19---
@@ -51,7 +51,7 @@ index 57296e1f6..546aa0495 100644
51 pw->pw_name, buf); 51 pw->pw_name, buf);
52 auth_debug_add("Bad file modes for %.200s", buf); 52 auth_debug_add("Bad file modes for %.200s", buf);
53diff --git a/auth.c b/auth.c 53diff --git a/auth.c b/auth.c
54index d8e6b4a3d..9d1d453f1 100644 54index f7a23afba..8ffd77662 100644
55--- a/auth.c 55--- a/auth.c
56+++ b/auth.c 56+++ b/auth.c
57@@ -473,8 +473,7 @@ check_key_in_hostfiles(struct passwd *pw, struct sshkey *key, const char *host, 57@@ -473,8 +473,7 @@ check_key_in_hostfiles(struct passwd *pw, struct sshkey *key, const char *host,
@@ -65,10 +65,10 @@ index d8e6b4a3d..9d1d453f1 100644
65 "bad owner or modes for %.200s", 65 "bad owner or modes for %.200s",
66 pw->pw_name, user_hostfile); 66 pw->pw_name, user_hostfile);
67diff --git a/misc.c b/misc.c 67diff --git a/misc.c b/misc.c
68index bdc06fdb3..5159e6692 100644 68index 009e02bc5..634b5060a 100644
69--- a/misc.c 69--- a/misc.c
70+++ b/misc.c 70+++ b/misc.c
71@@ -58,8 +58,9 @@ 71@@ -59,8 +59,9 @@
72 #include <netdb.h> 72 #include <netdb.h>
73 #ifdef HAVE_PATHS_H 73 #ifdef HAVE_PATHS_H
74 # include <paths.h> 74 # include <paths.h>
@@ -79,7 +79,7 @@ index bdc06fdb3..5159e6692 100644
79 #ifdef SSH_TUN_OPENBSD 79 #ifdef SSH_TUN_OPENBSD
80 #include <net/if.h> 80 #include <net/if.h>
81 #endif 81 #endif
82@@ -1028,6 +1029,55 @@ percent_expand(const char *string, ...) 82@@ -1103,6 +1104,55 @@ percent_expand(const char *string, ...)
83 #undef EXPAND_MAX_KEYS 83 #undef EXPAND_MAX_KEYS
84 } 84 }
85 85
@@ -135,7 +135,7 @@ index bdc06fdb3..5159e6692 100644
135 int 135 int
136 tun_open(int tun, int mode, char **ifname) 136 tun_open(int tun, int mode, char **ifname)
137 { 137 {
138@@ -1786,8 +1836,7 @@ safe_path(const char *name, struct stat *stp, const char *pw_dir, 138@@ -1860,8 +1910,7 @@ safe_path(const char *name, struct stat *stp, const char *pw_dir,
139 snprintf(err, errlen, "%s is not a regular file", buf); 139 snprintf(err, errlen, "%s is not a regular file", buf);
140 return -1; 140 return -1;
141 } 141 }
@@ -145,7 +145,7 @@ index bdc06fdb3..5159e6692 100644
145 snprintf(err, errlen, "bad ownership or modes for file %s", 145 snprintf(err, errlen, "bad ownership or modes for file %s",
146 buf); 146 buf);
147 return -1; 147 return -1;
148@@ -1802,8 +1851,7 @@ safe_path(const char *name, struct stat *stp, const char *pw_dir, 148@@ -1876,8 +1925,7 @@ safe_path(const char *name, struct stat *stp, const char *pw_dir,
149 strlcpy(buf, cp, sizeof(buf)); 149 strlcpy(buf, cp, sizeof(buf));
150 150
151 if (stat(buf, &st) < 0 || 151 if (stat(buf, &st) < 0 ||
@@ -156,10 +156,10 @@ index bdc06fdb3..5159e6692 100644
156 "bad ownership or modes for directory %s", buf); 156 "bad ownership or modes for directory %s", buf);
157 return -1; 157 return -1;
158diff --git a/misc.h b/misc.h 158diff --git a/misc.h b/misc.h
159index 31b207a8d..aaf966e65 100644 159index 5b4325aba..a4bdee187 100644
160--- a/misc.h 160--- a/misc.h
161+++ b/misc.h 161+++ b/misc.h
162@@ -168,6 +168,8 @@ int safe_path_fd(int, const char *, struct passwd *, 162@@ -175,6 +175,8 @@ int safe_path_fd(int, const char *, struct passwd *,
163 char *read_passphrase(const char *, int); 163 char *read_passphrase(const char *, int);
164 int ask_permission(const char *, ...) __attribute__((format(printf, 1, 2))); 164 int ask_permission(const char *, ...) __attribute__((format(printf, 1, 2)));
165 165
@@ -169,10 +169,10 @@ index 31b207a8d..aaf966e65 100644
169 #define MAXIMUM(a, b) (((a) > (b)) ? (a) : (b)) 169 #define MAXIMUM(a, b) (((a) > (b)) ? (a) : (b))
170 #define ROUNDUP(x, y) ((((x)+((y)-1))/(y))*(y)) 170 #define ROUNDUP(x, y) ((((x)+((y)-1))/(y))*(y))
171diff --git a/readconf.c b/readconf.c 171diff --git a/readconf.c b/readconf.c
172index 052d4b1ac..6b01f20d2 100644 172index 3d0b6ff90..cd60007f8 100644
173--- a/readconf.c 173--- a/readconf.c
174+++ b/readconf.c 174+++ b/readconf.c
175@@ -1820,8 +1820,7 @@ read_config_file_depth(const char *filename, struct passwd *pw, 175@@ -1846,8 +1846,7 @@ read_config_file_depth(const char *filename, struct passwd *pw,
176 176
177 if (fstat(fileno(f), &sb) == -1) 177 if (fstat(fileno(f), &sb) == -1)
178 fatal("fstat %s: %s", filename, strerror(errno)); 178 fatal("fstat %s: %s", filename, strerror(errno));
@@ -183,10 +183,10 @@ index 052d4b1ac..6b01f20d2 100644
183 } 183 }
184 184
185diff --git a/ssh.1 b/ssh.1 185diff --git a/ssh.1 b/ssh.1
186index 7760c3075..81f29af43 100644 186index a1c7d2305..64ead5f57 100644
187--- a/ssh.1 187--- a/ssh.1
188+++ b/ssh.1 188+++ b/ssh.1
189@@ -1485,6 +1485,8 @@ The file format and configuration options are described in 189@@ -1484,6 +1484,8 @@ The file format and configuration options are described in
190 .Xr ssh_config 5 . 190 .Xr ssh_config 5 .
191 Because of the potential for abuse, this file must have strict permissions: 191 Because of the potential for abuse, this file must have strict permissions:
192 read/write for the user, and not writable by others. 192 read/write for the user, and not writable by others.
@@ -196,13 +196,13 @@ index 7760c3075..81f29af43 100644
196 .It Pa ~/.ssh/environment 196 .It Pa ~/.ssh/environment
197 Contains additional definitions for environment variables; see 197 Contains additional definitions for environment variables; see
198diff --git a/ssh_config.5 b/ssh_config.5 198diff --git a/ssh_config.5 b/ssh_config.5
199index 54e143c93..7d55fa820 100644 199index 250c92d04..bd1e9311d 100644
200--- a/ssh_config.5 200--- a/ssh_config.5
201+++ b/ssh_config.5 201+++ b/ssh_config.5
202@@ -1835,6 +1835,8 @@ The format of this file is described above. 202@@ -1885,6 +1885,8 @@ The format of this file is described above.
203 This file is used by the SSH client. 203 This file is used by the SSH client.
204 Because of the potential for abuse, this file must have strict permissions: 204 Because of the potential for abuse, this file must have strict permissions:
205 read/write for the user, and not accessible by others. 205 read/write for the user, and not writable by others.
206+It may be group-writable provided that the group in question contains only 206+It may be group-writable provided that the group in question contains only
207+the user. 207+the user.
208 .It Pa /etc/ssh/ssh_config 208 .It Pa /etc/ssh/ssh_config