summaryrefslogtreecommitdiff
path: root/debian/patches/user-group-modes.patch
diff options
context:
space:
mode:
Diffstat (limited to 'debian/patches/user-group-modes.patch')
-rw-r--r--debian/patches/user-group-modes.patch56
1 files changed, 52 insertions, 4 deletions
diff --git a/debian/patches/user-group-modes.patch b/debian/patches/user-group-modes.patch
index ddedbf79a..64ecbd7c8 100644
--- a/debian/patches/user-group-modes.patch
+++ b/debian/patches/user-group-modes.patch
@@ -109,10 +109,35 @@ Index: b/misc.c
109 #ifdef SSH_TUN_OPENBSD 109 #ifdef SSH_TUN_OPENBSD
110 #include <net/if.h> 110 #include <net/if.h>
111 #endif 111 #endif
112@@ -642,6 +643,55 @@ 112@@ -58,6 +59,7 @@
113 #include "misc.h"
114 #include "log.h"
115 #include "ssh.h"
116+#include "platform.h"
117
118 /* remove newline at end of string */
119 char *
120@@ -641,6 +643,71 @@
121 return -1;
113 } 122 }
114 123
115 int 124+/*
125+ * return 1 if the specified uid is a uid that may own a system directory
126+ * otherwise 0.
127+ */
128+int
129+platform_sys_dir_uid(uid_t uid)
130+{
131+ if (uid == 0)
132+ return 1;
133+#ifdef PLATFORM_SYS_DIR_UID
134+ if (uid == PLATFORM_SYS_DIR_UID)
135+ return 1;
136+#endif
137+ return 0;
138+}
139+
140+int
116+secure_permissions(struct stat *st, uid_t uid) 141+secure_permissions(struct stat *st, uid_t uid)
117+{ 142+{
118+ if (!platform_sys_dir_uid(st->st_uid) && st->st_uid != uid) 143+ if (!platform_sys_dir_uid(st->st_uid) && st->st_uid != uid)
@@ -161,10 +186,9 @@ Index: b/misc.c
161+ return 1; 186+ return 1;
162+} 187+}
163+ 188+
164+int 189 int
165 tun_open(int tun, int mode) 190 tun_open(int tun, int mode)
166 { 191 {
167 #if defined(CUSTOM_SYS_TUN_OPEN)
168Index: b/misc.h 192Index: b/misc.h
169=================================================================== 193===================================================================
170--- a/misc.h 194--- a/misc.h
@@ -200,3 +224,27 @@ Index: b/auth-rhosts.c
200 logit("Rhosts authentication refused for %.100s: bad modes for %.200s", 224 logit("Rhosts authentication refused for %.100s: bad modes for %.200s",
201 pw->pw_name, buf); 225 pw->pw_name, buf);
202 auth_debug_add("Bad file modes for %.200s", buf); 226 auth_debug_add("Bad file modes for %.200s", buf);
227Index: b/platform.c
228===================================================================
229--- a/platform.c
230+++ b/platform.c
231@@ -194,19 +194,3 @@
232 return NULL;
233 #endif
234 }
235-
236-/*
237- * return 1 if the specified uid is a uid that may own a system directory
238- * otherwise 0.
239- */
240-int
241-platform_sys_dir_uid(uid_t uid)
242-{
243- if (uid == 0)
244- return 1;
245-#ifdef PLATFORM_SYS_DIR_UID
246- if (uid == PLATFORM_SYS_DIR_UID)
247- return 1;
248-#endif
249- return 0;
250-}