===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/session.c,v
retrieving revision 1.79
retrieving revision 1.80
diff -u -r1.79 -r1.80
--- src/usr.bin/ssh/session.c	2001/06/03 14:55:39	1.79
+++ src/usr.bin/ssh/session.c	2001/06/04 21:59:43	1.80
@@ -33,7 +33,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: session.c,v 1.79 2001/06/03 14:55:39 markus Exp $");
+RCSID("$OpenBSD: session.c,v 1.80 2001/06/04 21:59:43 markus Exp $");
 
 #include "ssh.h"
 #include "ssh1.h"
@@ -94,7 +94,7 @@
 void	do_child(Session *s, const char *command);
 void	do_motd(void);
 int	check_quietlogin(Session *s, const char *command);
-void	xauthfile_cleanup_proc(void *ignore);
+void	xauthfile_cleanup_proc(void *pw);
 
 void	do_authenticated1(Authctxt *authctxt);
 void	do_authenticated2(Authctxt *authctxt);
@@ -157,21 +157,23 @@
 
 	/* remote user's local Xauthority file and agent socket */
 	if (xauthfile)
-		xauthfile_cleanup_proc(NULL);
+		xauthfile_cleanup_proc(authctxt->pw);
 	if (auth_get_socket_name())
-		auth_sock_cleanup_proc(NULL);
+		auth_sock_cleanup_proc(authctxt->pw);
 }
 
 /*
  * Remove local Xauthority file.
  */
 void
-xauthfile_cleanup_proc(void *ignore)
+xauthfile_cleanup_proc(void *_pw)
 {
-	debug("xauthfile_cleanup_proc called");
+	struct passwd *pw = _pw;
+	char *p;
 
+	debug("xauthfile_cleanup_proc called");
 	if (xauthfile != NULL) {
-		char *p;
+		temporarily_use_uid(pw);
 		unlink(xauthfile);
 		p = strrchr(xauthfile, '/');
 		if (p != NULL) {
@@ -180,6 +182,7 @@
 		}
 		xfree(xauthfile);
 		xauthfile = NULL;
+		restore_uid();
 	}
 }
 
@@ -356,7 +359,7 @@
 			if (fd >= 0)
 				close(fd);
 			restore_uid();
-			fatal_add_cleanup(xauthfile_cleanup_proc, NULL);
+			fatal_add_cleanup(xauthfile_cleanup_proc, s->pw);
 			success = 1;
 			break;
 
@@ -1433,7 +1436,7 @@
 	if (fd >= 0)
 		close(fd);
 	restore_uid();
-	fatal_add_cleanup(xauthfile_cleanup_proc, s);
+	fatal_add_cleanup(xauthfile_cleanup_proc, s->pw);
 	return 1;
 }