Bugzilla – Attachment 2452 Details for
Bug 2160
Option to disable ~/.ssh/rc in sshd_config
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
PermitUserRC option for sshd_config
PermitUserRC.diff (text/plain), 4.50 KB, created by
Damien Miller
on 2014-07-03 15:26:49 AEST
(
hide
)
Description:
PermitUserRC option for sshd_config
Filename:
MIME Type:
Creator:
Damien Miller
Created:
2014-07-03 15:26:49 AEST
Size:
4.50 KB
patch
obsolete
>diff --git servconf.c servconf.c >index 08530dd..7005f8a 100644 >--- servconf.c >+++ servconf.c >@@ -84,6 +84,7 @@ initialize_server_options(ServerOptions *options) > options->x11_display_offset = -1; > options->x11_use_localhost = -1; > options->permit_tty = -1; >+ options->permit_user_rc = -1; > options->xauth_location = NULL; > options->strict_modes = -1; > options->tcp_keep_alive = -1; >@@ -200,6 +201,8 @@ fill_default_server_options(ServerOptions *options) > options->xauth_location = _PATH_XAUTH; > if (options->permit_tty == -1) > options->permit_tty = 1; >+ if (options->permit_user_rc == -1) >+ options->permit_user_rc = 1; > if (options->strict_modes == -1) > options->strict_modes = 1; > if (options->tcp_keep_alive == -1) >@@ -318,7 +321,7 @@ typedef enum { > sRevokedKeys, sTrustedUserCAKeys, sAuthorizedPrincipalsFile, > sKexAlgorithms, sIPQoS, sVersionAddendum, > sAuthorizedKeysCommand, sAuthorizedKeysCommandUser, >- sAuthenticationMethods, sHostKeyAgent, >+ sAuthenticationMethods, sHostKeyAgent, sPermitUserRC, > sDeprecated, sUnsupported > } ServerOpCodes; > >@@ -419,6 +422,7 @@ static struct { > { "acceptenv", sAcceptEnv, SSHCFG_ALL }, > { "permittunnel", sPermitTunnel, SSHCFG_ALL }, > { "permittty", sPermitTTY, SSHCFG_ALL }, >+ { "permituserrc", sPermitUserRC, SSHCFG_ALL }, > { "match", sMatch, SSHCFG_ALL }, > { "permitopen", sPermitOpen, SSHCFG_ALL }, > { "forcecommand", sForceCommand, SSHCFG_ALL }, >@@ -1083,6 +1087,10 @@ process_server_config_line(ServerOptions *options, char *line, > intptr = &options->permit_tty; > goto parse_flag; > >+ case sPermitUserRC: >+ intptr = &options->permit_user_rc; >+ goto parse_flag; >+ > case sStrictModes: > intptr = &options->strict_modes; > goto parse_flag; >@@ -1719,6 +1727,7 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth) > M_CP_INTOPT(x11_forwarding); > M_CP_INTOPT(x11_use_localhost); > M_CP_INTOPT(permit_tty); >+ M_CP_INTOPT(permit_user_rc); > M_CP_INTOPT(max_sessions); > M_CP_INTOPT(max_authtries); > M_CP_INTOPT(ip_qos_interactive); >@@ -1955,6 +1964,7 @@ dump_config(ServerOptions *o) > dump_cfg_fmtint(sX11Forwarding, o->x11_forwarding); > dump_cfg_fmtint(sX11UseLocalhost, o->x11_use_localhost); > dump_cfg_fmtint(sPermitTTY, o->permit_tty); >+ dump_cfg_fmtint(sPermitUserRC, o->permit_user_rc); > dump_cfg_fmtint(sStrictModes, o->strict_modes); > dump_cfg_fmtint(sTCPKeepAlive, o->tcp_keep_alive); > dump_cfg_fmtint(sEmptyPasswd, o->permit_empty_passwd); >diff --git servconf.h servconf.h >index 68ea681..d6c4d82 100644 >--- servconf.h >+++ servconf.h >@@ -83,6 +83,7 @@ typedef struct { > int x11_use_localhost; /* If true, use localhost for fake X11 server. */ > char *xauth_location; /* Location of xauth program */ > int permit_tty; /* If false, deny pty allocation */ >+ int permit_user_rc; /* If false, deny ~/.ssh/rc execution */ > int strict_modes; /* If true, require string home dir modes. */ > int tcp_keep_alive; /* If true, set SO_KEEPALIVE. */ > int ip_qos_interactive; /* IP ToS/DSCP/class for interactive */ >diff --git session.c session.c >index 4f46e83..650c030 100644 >--- session.c >+++ session.c >@@ -1078,7 +1078,8 @@ do_rc_files(Session *s, const char *shell) > > /* ignore _PATH_SSH_USER_RC for subsystems and admin forced commands */ > if (!s->is_subsystem && options.adm_forced_command == NULL && >- !no_user_rc && stat(_PATH_SSH_USER_RC, &st) >= 0) { >+ !no_user_rc && options.permit_user_rc && >+ stat(_PATH_SSH_USER_RC, &st) >= 0) { > snprintf(cmd, sizeof cmd, "%s -c '%s %s'", > shell, _PATH_BSHELL, _PATH_SSH_USER_RC); > if (debug_flag) >diff --git sshd.8 sshd.8 >index dd18d43..3c60843 100644 >--- sshd.8 >+++ sshd.8 >@@ -381,7 +381,10 @@ Changes to user's home directory. > .It > If > .Pa ~/.ssh/rc >-exists, runs it; else if >+exists and the >+.Xr sshd_config 5 >+.Cm PermitUserRC >+option is set, runs it; else if > .Pa /etc/ssh/sshrc > exists, runs > it; otherwise runs xauth. >diff --git sshd_config.5 sshd_config.5 >index e5e247c..1c1ac85 100644 >--- sshd_config.5 >+++ sshd_config.5 >@@ -913,6 +913,7 @@ Available keywords are > .Cm PermitRootLogin , > .Cm PermitTTY , > .Cm PermitTunnel , >+.Cm PermitUserRC , > .Cm PubkeyAuthentication , > .Cm RekeyLimit , > .Cm RhostsRSAAuthentication , >@@ -1061,6 +1062,12 @@ The default is > Enabling environment processing may enable users to bypass access > restrictions in some configurations using mechanisms such as > .Ev LD_PRELOAD . >+.It Cm PermitUserRC >+Specifies whether any >+.Pa ~/.ssh/rc >+file is executed. >+The default is >+.Dq yes . > .It Cm PidFile > Specifies the file that contains the process ID of the > SSH daemon.
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=2452">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 2160
: 2452