[openssh-commits] [openssh] 02/03: upstream commit

[git+noreply at mindrot.org]

This is an automated email from the git hooks/post-receive script.

djm pushed a commit to branch master
in repository openssh.

commit 9080bd0b9cf10d0f13b1f642f20cb84285cb8d65
Author: deraadt at openbsd.org <deraadt at openbsd.org>
Date:   Fri Nov 27 00:49:31 2015 +0000

    upstream commit
    
    pledge "stdio rpath wpath cpath fattr tty proc exec"
     except for the -p option (which sadly has insane semantics...) ok semarie
     dtucker
    
    Upstream-ID: 8854bbd58279abe00f6c33f8094bdc02c8c65059
---
 scp.c | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/scp.c b/scp.c
index 842dc66..0bdd7cb 100644
--- a/scp.c
+++ b/scp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: scp.c,v 1.183 2015/10/16 17:07:24 mmcc Exp $ */
+/* $OpenBSD: scp.c,v 1.184 2015/11/27 00:49:31 deraadt Exp $ */
 /*
  * scp - secure remote copy.  This is basically patched BSD rcp which
  * uses ssh to do the data transfer (instead of using rcmd).
@@ -484,6 +484,16 @@ main(int argc, char **argv)
 	if (!isatty(STDOUT_FILENO))
 		showprogress = 0;
 
+	if (pflag) {
+		/* Cannot pledge: -p allows setuid/setgid files... */
+	} else {
+		if (pledge("stdio rpath wpath cpath fattr tty proc exec",
+		    NULL) == -1) {
+			perror("pledge");
+			exit(1);
+		}
+	}
+
 	remin = STDIN_FILENO;
 	remout = STDOUT_FILENO;
 

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.