Bugzilla – Attachment 1629 Details for
Bug 1593
Configuration ChrootDirectory=%h is unuseful (users cannot access their homes)
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Enable users to to acces their homes in case of ChrootDirectory=%h
openssh-5.2p1-homechroot.patch (text/plain), 970 bytes, created by
jchadima
on 2009-04-28 19:48:19 AEST
(
hide
)
Description:
Enable users to to acces their homes in case of ChrootDirectory=%h
Filename:
MIME Type:
Creator:
jchadima
Created:
2009-04-28 19:48:19 AEST
Size:
970 bytes
patch
obsolete
>--- openssh-5.2p1/session.c 2009-03-20 18:08:11.263662384 +0100 >+++ openssh-5.2p1/session.c 2009-03-20 18:26:29.925498409 +0100 >@@ -1408,6 +1408,7 @@ > const char *cp; > char component[MAXPATHLEN]; > struct stat st; >+ int last; > > if (*path != '/') > fatal("chroot path does not begin at root"); >@@ -1419,7 +1420,7 @@ > * root-owned directory with strict permissions. > */ > for (cp = path; cp != NULL;) { >- if ((cp = strchr(cp, '/')) == NULL) >+ if (((last = ((cp = strchr(cp, '/')) == NULL)))) > strlcpy(component, path, sizeof(component)); > else { > cp++; >@@ -1432,7 +1433,7 @@ > if (stat(component, &st) != 0) > fatal("%s: stat(\"%s\"): %s", __func__, > component, strerror(errno)); >- if (st.st_uid != 0 || (st.st_mode & 022) != 0) >+ if ((st.st_uid != 0 || (st.st_mode & 022) != 0) && !(last && st.st_uid == uid)) > fatal("bad ownership or modes for chroot " > "directory %s\"%s\"", > cp == NULL ? "" : "component ", component);
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=1629">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 1593
: 1629 |
1678