Bugzilla – Attachment 1329 Details for
Bug 1344
DISABLE_FD_PASSING does not work if sshd invoked by inetd
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Initialize use_privsep based on DISABLE_FD_PASSING
patch (text/plain), 1.05 KB, created by
Matt Kraai
on 2007-07-22 05:21:58 AEST
(
hide
)
Description:
Initialize use_privsep based on DISABLE_FD_PASSING
Filename:
MIME Type:
Creator:
Matt Kraai
Created:
2007-07-22 05:21:58 AEST
Size:
1.05 KB
patch
obsolete
>diff -ru openssh-4.6p1~/servconf.c openssh-4.6p1/servconf.c >--- openssh-4.6p1~/servconf.c 2007-07-21 12:13:05.000000000 -0700 >+++ openssh-4.6p1/servconf.c 2007-07-21 12:15:02.000000000 -0700 >@@ -250,9 +250,14 @@ > if (options->permit_tun == -1) > options->permit_tun = SSH_TUNMODE_NO; > >- /* Turn privilege separation on by default */ >+ /* Turn privilege separation on by default if file descriptors can be >+ passed */ > if (use_privsep == -1) >+#ifndef DISABLE_FD_PASSING > use_privsep = 1; >+#else >+ use_privsep = 0; >+#endif > > #ifndef HAVE_MMAP > if (use_privsep && options->compression == 1) { >diff -ru openssh-4.6p1~/sshd.c openssh-4.6p1/sshd.c >--- openssh-4.6p1~/sshd.c 2007-07-21 12:13:05.000000000 -0700 >+++ openssh-4.6p1/sshd.c 2007-07-21 12:15:35.000000000 -0700 >@@ -662,12 +662,8 @@ > static void > privsep_postauth(Authctxt *authctxt) > { >-#ifdef DISABLE_FD_PASSING >- if (1) { >-#else > if (authctxt->pw->pw_uid == 0 || options.use_login) { >-#endif >- /* File descriptor passing is broken or root login */ >+ /* Root login */ > use_privsep = 0; > goto skip; > }
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=1329">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 1344
: 1329