diff options
Diffstat (limited to 'sshd.c')
-rw-r--r-- | sshd.c | 10 |
1 files changed, 10 insertions, 0 deletions
@@ -1005,6 +1005,16 @@ main(int ac, char **av) | |||
1005 | if (test_flag) | 1005 | if (test_flag) |
1006 | exit(0); | 1006 | exit(0); |
1007 | 1007 | ||
1008 | /* | ||
1009 | * Clear out any supplemental groups we may have inherited. This | ||
1010 | * prevents inadvertent creation of files with bad modes (in the | ||
1011 | * portable version at least, it's certainly possible for PAM | ||
1012 | * to create a file, and we can't control the code in every | ||
1013 | * module which might be used). | ||
1014 | */ | ||
1015 | if (setgroups(0, NULL) < 0) | ||
1016 | debug("setgroups() failed: %.200s", strerror(errno)); | ||
1017 | |||
1008 | /* Initialize the log (it is reinitialized below in case we forked). */ | 1018 | /* Initialize the log (it is reinitialized below in case we forked). */ |
1009 | if (debug_flag && !inetd_flag) | 1019 | if (debug_flag && !inetd_flag) |
1010 | log_stderr = 1; | 1020 | log_stderr = 1; |