Bugzilla – Attachment 1669 Details for
Bug 1567
Insufficient privileges to chroot() on AIX
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Same as #1662, but only override if chroot directory is set.
openssh-aix-setpcred-chroot2.patch (text/plain), 911 bytes, created by
Darren Tucker
on 2009-08-17 09:56:33 AEST
(
hide
)
Description:
Same as #1662, but only override if chroot directory is set.
Filename:
MIME Type:
Creator:
Darren Tucker
Created:
2009-08-17 09:56:33 AEST
Size:
911 bytes
patch
obsolete
>? build >Index: session.c >=================================================================== >RCS file: /var/cvs/openssh/session.c,v >retrieving revision 1.383 >diff -u -p -r1.383 session.c >--- session.c 21 Jun 2009 09:50:08 -0000 1.383 >+++ session.c 16 Aug 2009 23:49:10 -0000 >@@ -1466,9 +1466,16 @@ do_setusercontext(struct passwd *pw) > if (getuid() == 0 || geteuid() == 0) > #endif /* HAVE_CYGWIN */ > { >- > #ifdef HAVE_SETPCRED >- if (setpcred(pw->pw_name, (char **)NULL) == -1) >+ /* >+ * If we have a chroot directory, we set everything exept real >+ * uid which we will need for chroot. If we don't have a >+ * chroot directory, we don't override anything. >+ */ >+ char *creds[] = { "REAL_USER=root", NULL }; >+ >+ if (setpcred(pw->pw_name, >+ options.chroot_directory == NULL ? NULL : creds) == -1) > fatal("Failed to set process credentials"); > #endif /* HAVE_SETPCRED */ > #ifdef HAVE_LOGIN_CAP
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=1669">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 1567
:
1661
|
1662
|
1669
|
1728
|
1729
|
1807