[BACK]Return to ssh.c CVS log [TXT][DIR] Up to [local] / src / usr.bin / ssh

Diff for /src/usr.bin/ssh/ssh.c between version 1.486 and 1.487

version 1.486, 2018/07/16 22:25:01 version 1.487, 2018/07/18 11:34:04
Line 94 
Line 94 
 #include "sshpty.h"  #include "sshpty.h"
 #include "match.h"  #include "match.h"
 #include "msg.h"  #include "msg.h"
 #include "uidswap.h"  
 #include "version.h"  #include "version.h"
 #include "ssherr.h"  #include "ssherr.h"
 #include "myproposal.h"  #include "myproposal.h"
Line 599 
Line 598 
         original_real_uid = getuid();          original_real_uid = getuid();
         original_effective_uid = geteuid();          original_effective_uid = geteuid();
   
         /*          if (getuid() != geteuid())
          * Use uid-swapping to give up root privileges for the duration of                  fatal("ssh setuid not supported.");
          * option processing.  We will re-instantiate the rights when we are          if (getgid() != getegid())
          * ready to create the privileged port, and will permanently drop                  fatal("ssh setgid not supported.");
          * them when the port has been created (actually, when the connection  
          * has been made, as we may need to create the port several times).  
          */  
         PRIV_END;  
   
         /* If we are installed setuid root be careful to not drop core. */  
         if (original_real_uid != original_effective_uid) {  
                 struct rlimit rlim;  
                 rlim.rlim_cur = rlim.rlim_max = 0;  
                 if (setrlimit(RLIMIT_CORE, &rlim) < 0)  
                         fatal("setrlimit failed: %.100s", strerror(errno));  
         }  
         /* Get user data. */          /* Get user data. */
         pw = getpwuid(original_real_uid);          pw = getpwuid(original_real_uid);
         if (!pw) {          if (!pw) {
Line 1414 
Line 1402 
                         L_PUBKEY(_PATH_HOST_XMSS_KEY_FILE, 9);                          L_PUBKEY(_PATH_HOST_XMSS_KEY_FILE, 9);
                 }                  }
         }          }
         /*  
          * Get rid of any extra privileges that we may have.  We will no  
          * longer need them.  Also, extra privileges could make it very hard  
          * to read identity files and other non-world-readable files from the  
          * user's home directory if it happens to be on a NFS volume where  
          * root is mapped to nobody.  
          */  
         if (original_effective_uid == 0) {  
                 PRIV_START;  
                 permanently_set_uid(pw);  
         }  
   
         /*          /* Create ~/.ssh * directory if it doesn't already exist. */
          * Now that we are back to our own permissions, create ~/.ssh  
          * directory if it doesn't already exist.  
          */  
         if (config == NULL) {          if (config == NULL) {
                 r = snprintf(buf, sizeof buf, "%s%s%s", pw->pw_dir,                  r = snprintf(buf, sizeof buf, "%s%s%s", pw->pw_dir,
                     strcmp(pw->pw_dir, "/") ? "/" : "", _PATH_SSH_USER_DIR);                      strcmp(pw->pw_dir, "/") ? "/" : "", _PATH_SSH_USER_DIR);
Legend:
Removed from v.1.486  
changed lines
  Added in v.1.487