uidswap.c breaks ssh when originating user is root
Jukka A. Ukkonen
jau at iki.fi
Sun Aug 29 23:05:32 EST 2004
EHLO,
Somehow I don't think it makes any sense to test whether the
gid/egid can be changed, if the original uid happened to be
root. Root can always change the gid/egid anyhow.
So, I would like to propose the following change to 3.9p1...
--- uidswap.c.orig Sun Aug 29 15:43:57 2004
+++ uidswap.c Sun Aug 29 15:44:05 2004
@@ -201,7 +201,7 @@
#endif
/* Try restoration of GID if changed (test clearing of saved gid) */
- if (old_gid != pw->pw_gid &&
+ if (old_uid && (old_gid != pw->pw_gid) &&
(setgid(old_gid) != -1 || setegid(old_gid) != -1))
fatal("%s: was able to restore old [e]gid", __func__);
After this change also root can again use ssh-3.9p1.
I hope this helps.
Cheers,
// jau
.--- ..- -.- -.- .- .- .-.-.- ..- -.- -.- --- -. . -.
/ Jukka A. Ukkonen, Mawit Ltd, Finland
/__ M.Sc. (sw-eng & cs) (Phone) +358-500-606-671
/ Internet: Jukka.Ukkonen(a)Mawit.Com (Home) +358-9-6215-280
/ Internet: ukkonen(a)nic.funet.fi
v Internet: jau(a)iki.fi
.--- .- ..- ...-.- .. -.- .. .-.-.- ..-. ..
+ + + + My opinions are mine and mine alone, not my employers. + + + +
More information about the openssh-unix-dev
mailing list