[Bug 2969] [PATCH] Protect rmdir() with temporarily_use_uid() in session.c

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Tue Feb 12 09:16:51 AEDT 2019


https://bugzilla.mindrot.org/show_bug.cgi?id=2969

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |djm at mindrot.org

--- Comment #1 from Damien Miller <djm at mindrot.org> ---
AFAIK since we removed the ability to disable privilege separation, I
think it's impossible for this code to run with elevated privileges to
being with.

That being said, as long as the skeleton of the !privsep case remains,
we should follow the rules...

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.


More information about the openssh-bugs mailing list