Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / openssh / 6cffb9a8cdc628d5310550265ebd41a4dab0a822^! / . / ssh-agent.c
commit6cffb9a8cdc628d5310550265ebd41a4dab0a822[log] [tgz]
authorDamien Miller <djm@mindrot.org>Wed Sep 04 16:20:26 2002 +1000
committerDamien Miller <djm@mindrot.org>Wed Sep 04 16:20:26 2002 +1000
tree6e341d54df4d04966c8336db5a53e2a84d79347f
parent3962119c8a07699ef082ef3839b6408135dfc33b [diff] [blame]
   - markus@cvs.openbsd.org 2002/08/12 10:46:35
     [ssh-agent.c]
     make ssh-agent setgid, disallow ptrace.
     (note: change not yet made in Makefile)

diff --git a/ssh-agent.c b/ssh-agent.c
index 1f21cbc..0615889 100644
--- a/ssh-agent.c
+++ b/ssh-agent.c

@@ -35,7 +35,7 @@
 
 #include "includes.h"
 #include "openbsd-compat/fake-queue.h"
-RCSID("$OpenBSD: ssh-agent.c,v 1.98 2002/07/21 18:07:45 stevesk Exp $");
+RCSID("$OpenBSD: ssh-agent.c,v 1.99 2002/08/12 10:46:35 markus Exp $");
 
 #include <openssl/evp.h>
 #include <openssl/md5.h>
@@ -943,6 +943,10 @@
 	pid_t pid;
 	char pidstrbuf[1 + 3 * sizeof pid];
 
+	/* drop */
+	setegid(getgid());
+	setgid(getgid());
+
 	SSLeay_add_all_algorithms();
 
 	__progname = get_progname(av[0]);