version 1.499, 2017/11/14 00:45:29 |
version 1.500, 2018/01/23 05:01:15 |
|
|
if ((pw = getpwnam(SSH_PRIVSEP_USER)) == NULL) |
if ((pw = getpwnam(SSH_PRIVSEP_USER)) == NULL) |
fatal("Privilege separation user %s does not exist", |
fatal("Privilege separation user %s does not exist", |
SSH_PRIVSEP_USER); |
SSH_PRIVSEP_USER); |
explicit_bzero(pw->pw_passwd, strlen(pw->pw_passwd)); |
pw = pwcopy(pw); /* Ensure mutable */ |
endpwent(); |
endpwent(); |
|
freezero(pw->pw_passwd, strlen(pw->pw_passwd)); |
|
|
/* Change our root directory */ |
/* Change our root directory */ |
if (chroot(_PATH_PRIVSEP_CHROOT_DIR) == -1) |
if (chroot(_PATH_PRIVSEP_CHROOT_DIR) == -1) |
|
|
if (getpwnam(SSH_PRIVSEP_USER) == NULL) |
if (getpwnam(SSH_PRIVSEP_USER) == NULL) |
fatal("Privilege separation user %s does not exist", |
fatal("Privilege separation user %s does not exist", |
SSH_PRIVSEP_USER); |
SSH_PRIVSEP_USER); |
|
endpwent(); |
if ((stat(_PATH_PRIVSEP_CHROOT_DIR, &st) == -1) || |
if ((stat(_PATH_PRIVSEP_CHROOT_DIR, &st) == -1) || |
(S_ISDIR(st.st_mode) == 0)) |
(S_ISDIR(st.st_mode) == 0)) |
fatal("Missing privilege separation directory: %s", |
fatal("Missing privilege separation directory: %s", |
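Review bot: In the first hunk, `freezero(pw->pw_passwd, strlen(pw->pw_passwd));` releases the copied password string but leaves `pw->pw_passwd` pointing at the freed allocation. This assumes the `pwcopy()`/`freezero()` lines are the 1.500 side, since the page has lost its +/- markers. Any later read of that field, or a later release of the copied struct, would then touch freed memory. The rest of the function is outside the hunk, so it is not visible whether such a use exists. I would reassign the field straight after the scrub, for example `pw->pw_passwd = xstrdup("*");`, and widen the `/* Ensure mutable */` comment to say that the copy exists so the hash can be wiped without writing into the buffer `getpwnam()` returned.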