diff options
author | Darren Tucker <dtucker@zip.com.au> | 2010-03-07 13:21:12 +1100 |
---|---|---|
committer | Darren Tucker <dtucker@zip.com.au> | 2010-03-07 13:21:12 +1100 |
commit | c738e6c646aa0b588f50e953b4d3931c29e9ab28 (patch) | |
tree | 8b4ec045539c608e14ccd8d43af5024e6ca683fa /session.c | |
parent | b3d20a3ff0f822e2b39c3f6d31bfdea89f577465 (diff) | |
download | openssh-git-c738e6c646aa0b588f50e953b4d3931c29e9ab28.tar.gz |
- (dtucker) [session.c] Bug #1567: move setpcred call to before chroot and
do not set real uid, since that's needed for the chroot, and will be set
by permanently_set_uid.
Diffstat (limited to 'session.c')
-rw-r--r-- | session.c | 22 |
1 files changed, 18 insertions, 4 deletions
@@ -1530,6 +1530,24 @@ do_setusercontext(struct passwd *pw) } # endif /* USE_LIBIAF */ #endif +#ifdef HAVE_SETPCRED + /* + * If we have a chroot directory, we set all creds except real + * uid which we will need for chroot. If we don't have a + * chroot directory, we don't override anything. + */ + { + char **creds, *chroot_creds[] = + { "REAL_USER=root", NULL }; + + if (options.chroot_directory != NULL && + strcasecmp(options.chroot_directory, "none") != 0) + creds = chroot_creds; + + if (setpcred(pw->pw_name, creds) == -1) + fatal("Failed to set process credentials"); + } +#endif /* HAVE_SETPCRED */ if (options.chroot_directory != NULL && strcasecmp(options.chroot_directory, "none") != 0) { @@ -1542,10 +1560,6 @@ do_setusercontext(struct passwd *pw) free(chroot_path); } -#ifdef HAVE_SETPCRED - if (setpcred(pw->pw_name, (char **)NULL) == -1) - fatal("Failed to set process credentials"); -#endif /* HAVE_SETPCRED */ #ifdef HAVE_LOGIN_CAP if (setusercontext(lc, pw, pw->pw_uid, LOGIN_SETUSER) < 0) { perror("unable to set user context (setuser)"); |