- markus@cvs.openbsd.org 2006/06/06 10:20:20 [readpass.c sshconnect.c sshconnect.h sshconnect2.c uidswap.c] replace remaining setuid() calls with permanently_set_uid() and check seteuid() return values; report Marcus Meissner; ok dtucker djm

commit: 6b4069ad563ce578cbfa6f90e76b462d26483e67 [log] [tgz]
author: Damien Miller <djm@mindrot.org> Tue Jun 13 13:05:15 2006 +1000
committer: Damien Miller <djm@mindrot.org> Tue Jun 13 13:05:15 2006 +1000
tree: 777206b388f2ef12b83275d4aeb78e96cdea1bdd
parent: eb13e556e58a52a3ff0c734a8690ad41686cf92c [diff] [blame]
diff --git a/sshconnect2.c b/sshconnect2.c
index 53cf257..c97738c 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect2.c,v 1.153 2006/05/08 10:49:48 djm Exp $ */
+/* $OpenBSD: sshconnect2.c,v 1.154 2006/06/06 10:20:20 markus Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  *
@@ -53,6 +53,7 @@
 #include "canohost.h"
 #include "msg.h"
 #include "pathnames.h"
+#include "uidswap.h"
 
 #ifdef GSSAPI
 #include "ssh-gss.h"
@@ -1252,8 +1253,7 @@
 		return -1;
 	}
 	if (pid == 0) {
-		seteuid(getuid());
-		setuid(getuid());
+		permanently_set_uid(getpwuid(getuid()));
 		close(from[0]);
 		if (dup2(from[1], STDOUT_FILENO) < 0)
 			fatal("ssh_keysign: dup2: %s", strerror(errno));
commit	6b4069ad563ce578cbfa6f90e76b462d26483e67	[log] [tgz]
author	Damien Miller <djm@mindrot.org>	Tue Jun 13 13:05:15 2006 +1000
committer	Damien Miller <djm@mindrot.org>	Tue Jun 13 13:05:15 2006 +1000
tree	777206b388f2ef12b83275d4aeb78e96cdea1bdd
parent	eb13e556e58a52a3ff0c734a8690ad41686cf92c [diff] [blame]