diff options
Diffstat (limited to 'sshd.c')
| -rw-r--r-- | sshd.c | 13 |
1 files changed, 12 insertions, 1 deletions
| @@ -42,7 +42,7 @@ | |||
| 42 | */ | 42 | */ |
| 43 | 43 | ||
| 44 | #include "includes.h" | 44 | #include "includes.h" |
| 45 | RCSID("$OpenBSD: sshd.c,v 1.250 2002/06/23 10:29:52 deraadt Exp $"); | 45 | RCSID("$OpenBSD: sshd.c,v 1.251 2002/06/25 18:51:04 markus Exp $"); |
| 46 | 46 | ||
| 47 | #include <openssl/dh.h> | 47 | #include <openssl/dh.h> |
| 48 | #include <openssl/bn.h> | 48 | #include <openssl/bn.h> |
| @@ -530,6 +530,7 @@ static void | |||
| 530 | privsep_preauth_child(void) | 530 | privsep_preauth_child(void) |
| 531 | { | 531 | { |
| 532 | u_int32_t rand[256]; | 532 | u_int32_t rand[256]; |
| 533 | gid_t gidset[2]; | ||
| 533 | struct passwd *pw; | 534 | struct passwd *pw; |
| 534 | int i; | 535 | int i; |
| 535 | 536 | ||
| @@ -559,7 +560,17 @@ privsep_preauth_child(void) | |||
| 559 | /* Drop our privileges */ | 560 | /* Drop our privileges */ |
| 560 | debug3("privsep user:group %u:%u", (u_int)pw->pw_uid, | 561 | debug3("privsep user:group %u:%u", (u_int)pw->pw_uid, |
| 561 | (u_int)pw->pw_gid); | 562 | (u_int)pw->pw_gid); |
| 563 | #if 0 | ||
| 564 | /* XXX not ready, to heavy after chroot */ | ||
| 562 | do_setusercontext(pw); | 565 | do_setusercontext(pw); |
| 566 | #else | ||
| 567 | gidset[0] = pw->pw_gid; | ||
| 568 | if (setgid(pw->pw_gid) < 0) | ||
| 569 | fatal("setgid failed for %u", pw->pw_gid ); | ||
| 570 | if (setgroups(1, gidset) < 0) | ||
| 571 | fatal("setgroups: %.100s", strerror(errno)); | ||
| 572 | permanently_set_uid(pw); | ||
| 573 | #endif | ||
| 563 | } | 574 | } |
| 564 | 575 | ||
| 565 | static Authctxt* | 576 | static Authctxt* |