- markus@cvs.openbsd.org 2001/04/06 21:00:17
[auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth2.c channels.c session.c
ssh.c sshconnect.c sshconnect.h uidswap.c uidswap.h]
do gid/groups-swap in addition to uid-swap, should help if /home/group
is chmod 750 + chgrp grp /home/group/, work be deraadt and me, thanks
to olar@openwall.com is comments. we had many requests for this.
diff --git a/session.c b/session.c
index 5264ac1..8da7993 100644
--- a/session.c
+++ b/session.c
@@ -33,7 +33,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: session.c,v 1.70 2001/04/05 15:48:18 stevesk Exp $");
+RCSID("$OpenBSD: session.c,v 1.71 2001/04/06 21:00:12 markus Exp $");
#include "ssh.h"
#include "ssh1.h"
@@ -365,7 +365,7 @@
/* Setup to always have a local .Xauthority. */
xauthfile = xmalloc(MAXPATHLEN);
strlcpy(xauthfile, "/tmp/ssh-XXXXXXXX", MAXPATHLEN);
- temporarily_use_uid(s->pw->pw_uid);
+ temporarily_use_uid(s->pw);
if (mkdtemp(xauthfile) == NULL) {
restore_uid();
error("private X11 dir: mkdtemp %s failed: %s",
@@ -1152,7 +1152,7 @@
#endif
/* Permanently switch to the desired uid. */
- permanently_set_uid(pw->pw_uid);
+ permanently_set_uid(pw);
# endif /* HAVE_LOGIN_CAP */
}
#endif /* HAVE_OSF_SIA */
@@ -1710,7 +1710,7 @@
}
xauthfile = xmalloc(MAXPATHLEN);
strlcpy(xauthfile, "/tmp/ssh-XXXXXXXX", MAXPATHLEN);
- temporarily_use_uid(s->pw->pw_uid);
+ temporarily_use_uid(s->pw);
if (mkdtemp(xauthfile) == NULL) {
restore_uid();
error("private X11 dir: mkdtemp %s failed: %s",