Attachment #1018 for bug #177

Lines 33-38 Link Here

(-)sftp-server.c (+38 lines)
33	#include "sftp.h"	33	#include "sftp.h"
34	#include "sftp-common.h"	34	#include "sftp-common.h"
35		35
		36	#define CHROOT
		37
36	/* helper */	38	/* helper */
37	#define get_int64() buffer_get_int64(&iqueue);	39	#define get_int64() buffer_get_int64(&iqueue);
38	#define get_int() buffer_get_int(&iqueue);	40	#define get_int() buffer_get_int(&iqueue);
Lines 1024-1029 Link Here
1024	}	1026	}
1025	}	1027	}
1026		1028
		1029	#ifdef CHROOT
		1030	void
		1031	chroot_init(void)
		1032	{
		1033	char user_dir, new_root;
		1034
		1035	user_dir = getenv("HOME");
		1036	if (!user_dir)
		1037	fatal("HOME isn't in environment");
		1038
		1039	new_root = user_dir + 1;
		1040
		1041	while ((new_root = strchr(new_root, '.')) != NULL) {
		1042	new_root--;
		1043	if (strncmp(new_root, "/./", 3) == 0) {
		1044	*new_root = '\0';
		1045	new_root += 2;
		1046
		1047	if (chroot(user_dir) != 0)
		1048	fatal("Couldn't chroot to user directory %s: %s",
		1049	user_dir, strerror(errno));
		1050
		1051	setenv("HOME", new_root, 1);
		1052	break;
		1053	}
		1054	new_root += 2;
		1055	}
		1056	}
		1057	#endif /* CHROOT */
		1058
1027	int	1059	int
1028	main(int ac, char **av)	1060	main(int ac, char **av)
1029	{	1061	{
Lines 1039-1044 Link Here
1039	#ifdef DEBUG_SFTP_SERVER	1071	#ifdef DEBUG_SFTP_SERVER
1040	log_init("sftp-server", SYSLOG_LEVEL_DEBUG1, SYSLOG_FACILITY_AUTH, 0);	1072	log_init("sftp-server", SYSLOG_LEVEL_DEBUG1, SYSLOG_FACILITY_AUTH, 0);
1041	#endif	1073	#endif
		1074
		1075	#ifdef CHROOT
		1076	chroot_init();
		1077	#endif
		1078	if (setuid(getuid()) != 0)
		1079	fatal("Couldn't drop privileges: %s", strerror(errno));
1042		1080
1043	in = dup(STDIN_FILENO);	1081	in = dup(STDIN_FILENO);
1044	out = dup(STDOUT_FILENO);	1082	out = dup(STDOUT_FILENO);

Return to bug 177