- markus@cvs.openbsd.org 2001/06/04 21:59:43
[channels.c channels.h session.c]
switch uid when cleaning up tmp files and sockets; reported by
zen-parse@gmx.net on bugtraq
diff --git a/channels.c b/channels.c
index 1106138..32c23be 100644
--- a/channels.c
+++ b/channels.c
@@ -40,7 +40,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: channels.c,v 1.122 2001/06/03 14:55:38 markus Exp $");
+RCSID("$OpenBSD: channels.c,v 1.123 2001/06/04 21:59:42 markus Exp $");
#include "ssh.h"
#include "ssh1.h"
@@ -2777,12 +2777,16 @@
/* removes the agent forwarding socket */
void
-auth_sock_cleanup_proc(void *ignored)
+auth_sock_cleanup_proc(void *_pw)
{
+ struct passwd *pw = _pw;
+
if (auth_sock_name) {
+ temporarily_use_uid(pw);
unlink(auth_sock_name);
rmdir(auth_sock_dir);
auth_sock_name = NULL;
+ restore_uid();
}
}
@@ -2826,7 +2830,7 @@
auth_sock_dir, (int) getpid());
/* delete agent socket on fatal() */
- fatal_add_cleanup(auth_sock_cleanup_proc, NULL);
+ fatal_add_cleanup(auth_sock_cleanup_proc, pw);
/* Create the socket. */
sock = socket(AF_UNIX, SOCK_STREAM, 0);
@@ -2856,7 +2860,7 @@
0, xstrdup("auth socket"), 1);
if (nc == NULL) {
error("auth_input_request_forwarding: channel_new failed");
- auth_sock_cleanup_proc(NULL);
+ auth_sock_cleanup_proc(pw);
close(sock);
return 0;
}