- (dtucker) [configure.ac sshd.c openbsd-compat/bsd-misc.h openbsd-compat/setenv.c] Unset KRB5CCNAME on AIX to prevent it from being inherited by the child. ok djm@

commit: 86c093d2895989d1258459b797ce3630eaa47d1a [log] [tgz]
author: Darren Tucker <dtucker@zip.com.au> Mon Mar 08 22:59:03 2004 +1100
committer: Darren Tucker <dtucker@zip.com.au> Mon Mar 08 22:59:03 2004 +1100
tree: 1de57c50af2b52f32906f21f91e81ab1f839eb93
parent: 112aaac0ce350fb3365bfb6e2d69faef81422783 [diff] [blame]
diff --git a/sshd.c b/sshd.c
index 2c224b9..3247091 100644
--- a/sshd.c
+++ b/sshd.c

@@ -939,6 +939,13 @@
 	    SYSLOG_FACILITY_AUTH : options.log_facility,
 	    log_stderr || !inetd_flag);
 
+#ifdef _AIX
+	/*
+	 * Unset KRB5CCNAME, otherwise the user's session may inherit it from
+	 * root's environment
+	 */ 
+	unsetenv("KRB5CCNAME");
+#endif /* _AIX */
 #ifdef _UNICOS
 	/* Cray can define user privs drop all prives now!
 	 * Not needed on PRIV_SU systems!
commit	86c093d2895989d1258459b797ce3630eaa47d1a	[log] [tgz]
author	Darren Tucker <dtucker@zip.com.au>	Mon Mar 08 22:59:03 2004 +1100
committer	Darren Tucker <dtucker@zip.com.au>	Mon Mar 08 22:59:03 2004 +1100
tree	1de57c50af2b52f32906f21f91e81ab1f839eb93
parent	112aaac0ce350fb3365bfb6e2d69faef81422783 [diff] [blame]