diff options
Diffstat (limited to 'debian/patches/user-group-modes.patch')
-rw-r--r-- | debian/patches/user-group-modes.patch | 72 |
1 files changed, 72 insertions, 0 deletions
diff --git a/debian/patches/user-group-modes.patch b/debian/patches/user-group-modes.patch new file mode 100644 index 000000000..47bb458e6 --- /dev/null +++ b/debian/patches/user-group-modes.patch | |||
@@ -0,0 +1,72 @@ | |||
1 | Index: b/readconf.c | ||
2 | =================================================================== | ||
3 | --- a/readconf.c | ||
4 | +++ b/readconf.c | ||
5 | @@ -28,6 +28,8 @@ | ||
6 | #include <stdio.h> | ||
7 | #include <string.h> | ||
8 | #include <unistd.h> | ||
9 | +#include <pwd.h> | ||
10 | +#include <grp.h> | ||
11 | |||
12 | #include "xmalloc.h" | ||
13 | #include "ssh.h" | ||
14 | @@ -998,11 +1000,30 @@ | ||
15 | |||
16 | if (checkperm) { | ||
17 | struct stat sb; | ||
18 | + int bad_modes = 0; | ||
19 | |||
20 | if (fstat(fileno(f), &sb) == -1) | ||
21 | fatal("fstat %s: %s", filename, strerror(errno)); | ||
22 | - if (((sb.st_uid != 0 && sb.st_uid != getuid()) || | ||
23 | - (sb.st_mode & 022) != 0)) | ||
24 | + if (sb.st_uid != 0 && sb.st_uid != getuid()) | ||
25 | + bad_modes = 1; | ||
26 | + if ((sb.st_mode & 020) != 0) { | ||
27 | + /* If the file is group-writable, the group in | ||
28 | + * question must have at most one member, namely the | ||
29 | + * file's owner. | ||
30 | + */ | ||
31 | + struct passwd *pw = getpwuid(sb.st_uid); | ||
32 | + struct group *gr = getgrgid(sb.st_gid); | ||
33 | + if (!pw || !gr) | ||
34 | + bad_modes = 1; | ||
35 | + else if (gr->gr_mem[0]) { | ||
36 | + if (strcmp(pw->pw_name, gr->gr_mem[0]) || | ||
37 | + gr->gr_mem[1]) | ||
38 | + bad_modes = 1; | ||
39 | + } | ||
40 | + } | ||
41 | + if ((sb.st_mode & 002) != 0) | ||
42 | + bad_modes = 1; | ||
43 | + if (bad_modes) | ||
44 | fatal("Bad owner or permissions on %s", filename); | ||
45 | } | ||
46 | |||
47 | Index: b/ssh.1 | ||
48 | =================================================================== | ||
49 | --- a/ssh.1 | ||
50 | +++ b/ssh.1 | ||
51 | @@ -1299,6 +1299,8 @@ | ||
52 | .Xr ssh_config 5 . | ||
53 | Because of the potential for abuse, this file must have strict permissions: | ||
54 | read/write for the user, and not accessible by others. | ||
55 | +It may be group-writable provided that the group in question contains only | ||
56 | +the user. | ||
57 | .Pp | ||
58 | .It ~/.ssh/environment | ||
59 | Contains additional definitions for environment variables; see | ||
60 | Index: b/ssh_config.5 | ||
61 | =================================================================== | ||
62 | --- a/ssh_config.5 | ||
63 | +++ b/ssh_config.5 | ||
64 | @@ -1194,6 +1194,8 @@ | ||
65 | This file is used by the SSH client. | ||
66 | Because of the potential for abuse, this file must have strict permissions: | ||
67 | read/write for the user, and not accessible by others. | ||
68 | +It may be group-writable provided that the group in question contains only | ||
69 | +the user. | ||
70 | .It Pa /etc/ssh/ssh_config | ||
71 | Systemwide configuration file. | ||
72 | This file provides defaults for those | ||