From 625b62634c33eaef4b80d07529954fe5c6435fe5 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Fri, 22 Feb 2019 03:37:11 +0000 Subject: upstream: perform removal of agent-forwarding directory in forward MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit setup error path with user's privileged. This is a no-op as this code always runs with user privilege now that we no longer support running sshd with privilege separation disabled, but as long as the privsep skeleton is there we should follow the rules. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit bz#2969 with patch from Erik Sjölund OpenBSD-Commit-ID: 2b708401a5a8d6133c865d7698d9852210dca846 --- session.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/session.c b/session.c index 96167548a..48cfaafbf 100644 --- a/session.c +++ b/session.c @@ -1,4 +1,4 @@ -/* $OpenBSD: session.c,v 1.314 2019/02/10 11:10:57 djm Exp $ */ +/* $OpenBSD: session.c,v 1.315 2019/02/22 03:37:11 djm Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -233,7 +233,9 @@ auth_input_request_forwarding(struct ssh *ssh, struct passwd * pw) authsock_err: free(auth_sock_name); if (auth_sock_dir != NULL) { + temporarily_use_uid(pw); rmdir(auth_sock_dir); + restore_uid(); free(auth_sock_dir); } if (sock != -1) -- cgit v1.2.3