[PATCH]: Add check_ntsec to ownership/mode tests
Corinna Vinschen
vinschen at redhat.com
Mon Jun 4 20:25:54 EST 2001
Hi,
I have added calls to `check_ntsec()' to the code which checks
for the ownership and modes of identity files and directories.
As you might know, check_ntsec() tests if owner/modes are
supported by the OS (9x/ME=no, NT/W2K=yes), the filesystem
(FAT/FAT32=no, NTFS=yes) and the current Cygwin settings
(ntea/ntsec).
Corinna
Index: auth-rhosts.c
===================================================================
RCS file: /cvs/openssh_cvs/auth-rhosts.c,v
retrieving revision 1.17
diff -u -p -r1.17 auth-rhosts.c
--- auth-rhosts.c 2001/04/12 23:34:35 1.17
+++ auth-rhosts.c 2001/06/04 10:05:34
@@ -228,6 +228,9 @@ auth_rhosts2(struct passwd *pw, const ch
pw->pw_name, pw->pw_dir);
return 0;
}
+#ifdef HAVE_CYGWIN
+ if (check_ntsec(pw->pw_dir))
+#endif
if (options.strict_modes &&
((st.st_uid != 0 && st.st_uid != pw->pw_uid) ||
(st.st_mode & 022) != 0)) {
Index: auth-rsa.c
===================================================================
RCS file: /cvs/openssh_cvs/auth-rsa.c,v
retrieving revision 1.31
diff -u -p -r1.31 auth-rsa.c
--- auth-rsa.c 2001/04/08 18:27:01 1.31
+++ auth-rsa.c 2001/06/04 10:05:34
@@ -156,6 +156,9 @@ auth_rsa(struct passwd *pw, BIGNUM *clie
packet_send_debug("If your home is on an NFS volume, it may need to be world-readable.");
return 0;
}
+#ifdef HAVE_CYGWIN
+ if (check_ntsec(file))
+#endif
if (options.strict_modes) {
int fail = 0;
char buf[1024];
Index: auth2.c
===================================================================
RCS file: /cvs/openssh_cvs/auth2.c,v
retrieving revision 1.59
diff -u -p -r1.59 auth2.c
--- auth2.c 2001/04/25 12:44:15 1.59
+++ auth2.c 2001/06/04 10:05:35
@@ -696,6 +696,9 @@ user_key_allowed(struct passwd *pw, Key
restore_uid();
return 0;
}
+#ifdef HAVE_CYGWIN
+ if (check_ntsec(file))
+#endif
if (options.strict_modes) {
int fail = 0;
char buf[1024];
--
Corinna Vinschen
Cygwin Developer
Red Hat, Inc.
mailto:vinschen at redhat.com
More information about the openssh-unix-dev
mailing list