- markus@cvs.openbsd.org 2001/04/06 21:00:17 [auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth2.c channels.c session.c ssh.c sshconnect.c sshconnect.h uidswap.c uidswap.h] do gid/groups-swap in addition to uid-swap, should help if /home/group is chmod 750 + chgrp grp /home/group/, work be deraadt and me, thanks to olar@openwall.com is comments. we had many requests for this.

commit: 3fcf1a22b52ed8e66d2cf548d5d4528f67377af9 [log] [tgz]
author: Ben Lindstrom <mouring@eviladmin.org> Sun Apr 08 18:26:59 2001 +0000
committer: Ben Lindstrom <mouring@eviladmin.org> Sun Apr 08 18:26:59 2001 +0000
tree: b635cae14328f373bb682395ab066ee819dd77c4
parent: d344763643339b5ddc075cf7b8c8fb4404dc0aa0 [diff] [blame]
diff --git a/channels.c b/channels.c
index 6ca31b8..d5526fb 100644
--- a/channels.c
+++ b/channels.c

@@ -40,7 +40,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: channels.c,v 1.101 2001/04/05 10:42:48 markus Exp $");
+RCSID("$OpenBSD: channels.c,v 1.102 2001/04/06 21:00:10 markus Exp $");
 
 #include <openssl/rsa.h>
 #include <openssl/dsa.h>
@@ -2410,7 +2410,7 @@
 		fatal("Protocol error: authentication forwarding requested twice.");
 
 	/* Temporarily drop privileged uid for mkdir/bind. */
-	temporarily_use_uid(pw->pw_uid);
+	temporarily_use_uid(pw);
 
 	/* Allocate a buffer for the socket name, and format the name. */
 	channel_forwarded_auth_socket_name = xmalloc(MAX_SOCKET_NAME);
commit	3fcf1a22b52ed8e66d2cf548d5d4528f67377af9	[log] [tgz]
author	Ben Lindstrom <mouring@eviladmin.org>	Sun Apr 08 18:26:59 2001 +0000
committer	Ben Lindstrom <mouring@eviladmin.org>	Sun Apr 08 18:26:59 2001 +0000
tree	b635cae14328f373bb682395ab066ee819dd77c4
parent	d344763643339b5ddc075cf7b8c8fb4404dc0aa0 [diff] [blame]