- markus@cvs.openbsd.org 2001/06/04 21:59:43
[channels.c channels.h session.c]
switch uid when cleaning up tmp files and sockets; reported by
zen-parse@gmx.net on bugtraq
diff --git a/session.c b/session.c
index ce9b200..c65c7e6 100644
--- a/session.c
+++ b/session.c
@@ -33,7 +33,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: session.c,v 1.79 2001/06/03 14:55:39 markus Exp $");
+RCSID("$OpenBSD: session.c,v 1.80 2001/06/04 21:59:43 markus Exp $");
#include "ssh.h"
#include "ssh1.h"
@@ -132,7 +132,7 @@
void do_child(Session *s, const char *command);
void do_motd(void);
int check_quietlogin(Session *s, const char *command);
-void xauthfile_cleanup_proc(void *ignore);
+void xauthfile_cleanup_proc(void *pw);
void do_authenticated1(Authctxt *authctxt);
void do_authenticated2(Authctxt *authctxt);
@@ -200,21 +200,23 @@
/* remote user's local Xauthority file and agent socket */
if (xauthfile)
- xauthfile_cleanup_proc(NULL);
+ xauthfile_cleanup_proc(authctxt->pw);
if (auth_get_socket_name())
- auth_sock_cleanup_proc(NULL);
+ auth_sock_cleanup_proc(authctxt->pw);
}
/*
* Remove local Xauthority file.
*/
void
-xauthfile_cleanup_proc(void *ignore)
+xauthfile_cleanup_proc(void *_pw)
{
- debug("xauthfile_cleanup_proc called");
+ struct passwd *pw = _pw;
+ char *p;
+ debug("xauthfile_cleanup_proc called");
if (xauthfile != NULL) {
- char *p;
+ temporarily_use_uid(pw);
unlink(xauthfile);
p = strrchr(xauthfile, '/');
if (p != NULL) {
@@ -223,6 +225,7 @@
}
xfree(xauthfile);
xauthfile = NULL;
+ restore_uid();
}
}
@@ -399,7 +402,7 @@
if (fd >= 0)
close(fd);
restore_uid();
- fatal_add_cleanup(xauthfile_cleanup_proc, NULL);
+ fatal_add_cleanup(xauthfile_cleanup_proc, s->pw);
success = 1;
break;
@@ -1811,7 +1814,7 @@
if (fd >= 0)
close(fd);
restore_uid();
- fatal_add_cleanup(xauthfile_cleanup_proc, s);
+ fatal_add_cleanup(xauthfile_cleanup_proc, s->pw);
return 1;
}