- markus@cvs.openbsd.org 2001/04/06 21:00:17
[auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth2.c channels.c session.c
ssh.c sshconnect.c sshconnect.h uidswap.c uidswap.h]
do gid/groups-swap in addition to uid-swap, should help if /home/group
is chmod 750 + chgrp grp /home/group/, work by deraadt and me, thanks
to olar@openwall.com for comments. we had many requests for this.
diff --git a/ssh.c b/ssh.c
index 278e7ed..294bcf3 100644
--- a/ssh.c
+++ b/ssh.c
@@ -39,7 +39,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: ssh.c,v 1.106 2001/04/05 21:05:24 markus Exp $");
+RCSID("$OpenBSD: ssh.c,v 1.107 2001/04/06 21:00:13 markus Exp $");
#include <openssl/evp.h>
#include <openssl/err.h>
@@ -265,6 +265,15 @@
fatal("setrlimit failed: %.100s", strerror(errno));
}
#endif
+ /* Get user data. */
+ pw = getpwuid(original_real_uid);
+ if (!pw) {
+ log("You don't exist, go away!");
+ exit(1);
+ }
+ /* Take a copy of the returned structure. */
+ pw = pwcopy(pw);
+
/*
* Use uid-swapping to give up root privileges for the duration of
* option processing. We will re-instantiate the rights when we are
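Review bot: The comment on the moved lookup, `/* Get user data. */`, no longer explains why the block sits here, ahead of the `temporarily_use_uid(pw)` call in the next hunk. Going by the commit description, the swap now needs the passwd entry for the gid and groups, so the lookup has to happen before privileges are given up. I would say so, e.g. `/* Look up the invoking user first: temporarily_use_uid() needs pw for the gid/groups swap. */`. The same `pw` copy is later passed to `permanently_set_uid()`, `ssh_connect()` and `ssh_login()`, so the comment could also note that it must stay unmodified for the life of the process. The enclosing function starts and ends outside this hunk.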
@@ -272,7 +281,7 @@
* them when the port has been created (actually, when the connection
* has been made, as we may need to create the port several times).
*/
- temporarily_use_uid(original_real_uid);
+ temporarily_use_uid(pw);
/*
* Set our umask to something reasonable, as some files are created
@@ -545,15 +554,6 @@
tty_flag = 0;
}
- /* Get user data. */
- pw = getpwuid(original_real_uid);
- if (!pw) {
- log("You don't exist, go away!");
- exit(1);
- }
- /* Take a copy of the returned structure. */
- pw = pwcopy(pw);
-
/*
* Initialize "log" output. Since we are the client all output
* actually goes to stderr.
@@ -592,6 +592,7 @@
"originating port will not be trusted.");
options.rhosts_authentication = 0;
}
+
/*
* If using rsh has been selected, exec it now (without trying
* anything else). Note that we must release privileges first.
@@ -604,7 +605,7 @@
restore_uid();
/* Switch to the original uid permanently. */
- permanently_set_uid(original_real_uid);
+ permanently_set_uid(pw);
/* Execute rsh. */
rsh_connect(host, options.user, &command);
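Review bot: The context comment `/* Switch to the original uid permanently. */` is stale once `permanently_set_uid(pw)` also switches the gid and supplementary groups, as the commit description states; suggest `/* Switch to the original uid, gid and groups permanently. */`. Because `rsh_connect()` runs right after this call, the drop has to be all-or-nothing. The uidswap.c side is not visible in this file's diff, so please confirm there that the groups and gid are changed before the uid and that any failure is fatal rather than only logged. The same applies to the `permanently_set_uid(pw)` call in the -646 hunk. The enclosing block begins outside this hunk.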
@@ -618,8 +619,7 @@
ok = ssh_connect(host, &hostaddr, options.port,
options.connection_attempts,
original_effective_uid != 0 || !options.use_privileged_port,
- original_real_uid,
- options.proxy_command);
+ pw, options.proxy_command);
/*
* If we successfully made the connection, load the host private key
@@ -646,7 +646,7 @@
* process, read the private hostkey and impersonate the host.
* OpenBSD does not allow ptracing of setuid processes.
*/
- permanently_set_uid(original_real_uid);
+ permanently_set_uid(pw);
/*
* Now that we are back to our own permissions, create ~/.ssh
@@ -688,8 +688,7 @@
tilde_expand_filename(options.user_hostfile2, original_real_uid);
/* Log into the remote system. This never returns if the login fails. */
- ssh_login(host_private_key, host, (struct sockaddr *)&hostaddr,
- original_real_uid);
+ ssh_login(host_private_key, host, (struct sockaddr *)&hostaddr, pw);
/* We no longer need the host private key. Clear it now. */
if (host_private_key != NULL)