1
0
mirror of https://git.FreeBSD.org/ports.git synced 2024-11-14 23:46:10 +00:00
freebsd-ports/security/ssh2/files/patch-ai

47 lines
1.2 KiB
Plaintext
Raw Normal View History

--- lib/sshsession/sshunixuser.c.orig Tue May 4 20:09:15 1999
+++ lib/sshsession/sshunixuser.c Fri Jun 18 16:18:08 1999
@@ -56,6 +56,10 @@
#define SSH_DEBUG_MODULE "SshUnixUser"
+#ifdef HAVE_LOGIN_CAP_H
+#include <login_cap.h>
+#endif /* HAVE_LOGIN_CAP_H */
+
extern char *crypt(const char *key, const char *salt);
/* Data type to hold machine-specific user data. */
@@ -776,6 +780,24 @@
/* Set uid, gid, and groups. */
if (getuid() == UID_ROOT || geteuid() == UID_ROOT)
{
+#ifdef HAVE_LOGIN_CAP_H
+ struct passwd *pwd;
+
+ pwd = getpwnam(ssh_user_name(uc));
+ if (!pwd)
+ {
+ ssh_debug("ssh_user_become: getpwnam: %s", strerror(errno));
+ return FALSE;
+ }
+ if (setusercontext(NULL, pwd, ssh_user_uid(uc),
+ LOGIN_SETALL & ~(LOGIN_SETLOGIN|LOGIN_SETPATH|LOGIN_SETENV)) != 0)
+ {
+ ssh_debug("ssh_user_become: setusercontext: %s", strerror(errno));
+ return FALSE;
+ }
+ endpwent();
+ endgrent();
+#else
if (setgid(ssh_user_gid(uc)) < 0)
{
SSH_DEBUG(2, ("ssh_user_become: setgid: %s", strerror(errno)));
@@ -830,6 +852,7 @@
return FALSE;
}
#endif /* HAVE_SIA */
+#endif /* HAVE_LOGIN_CAP_H */
}
/* We are now running with the user's privileges. */