[PATCH] session: Set authentication info file as read-only
Samuel FORESTIER
samuel+dev at forestier.app
Sat Mar 15 08:24:22 AEDT 2025
From 6a7394cb939b42ebda055c1bf70b54e10067a502 Mon Sep 17 00:00:00 2001
From: Samuel FORESTIER <samuel+dev at forestier.app>
Date: Fri, 14 Mar 2025 20:30:00 +0100
Subject: [PATCH] session: Set authentication info file as read-only
When 'ExposeAuthInfo' option is enabled, attempt to set the file
containing authentication information as read-only (0400 UNIX
permissions), as authenticated users should not modify the content of
these files.
The 'fchmod' operation is performed after writing to the file is
complete and in a "best-effort" manner (i.e. it will only be logged if
system call fails).
This approach is much more simpler than setting the file immutable and
reverting it before its removal in 'do_cleanup'.
---
session.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/session.c b/session.c
index 52a4a3446..5bcf9276a 100644
--- a/session.c
+++ b/session.c
@@ -286,6 +286,8 @@ prepare_auth_info_file(struct passwd *pw, struct
sshbuf *info)
error_f("write: %s", strerror(errno));
goto out;
}
+ if (fchmod(fd, S_IRUSR) == -1)
+ logit("fchmod(): %.100s", strerror(errno));
if (close(fd) != 0) {
error_f("close: %s", strerror(errno));
goto out;
--
2.34.1
More information about the openssh-unix-dev
mailing list