SVN-Revision: 11913master
parent
f20dd0803c
commit
09e2dcc255
@ -1,20 +1,20 @@ |
||||
Index: dropbear-0.50/svr-chansession.c
|
||||
Index: dropbear-0.51/svr-chansession.c
|
||||
===================================================================
|
||||
--- dropbear-0.50.orig/svr-chansession.c 2007-08-10 23:47:48.000000000 +0200
|
||||
+++ dropbear-0.50/svr-chansession.c 2007-08-10 23:47:48.000000000 +0200
|
||||
@@ -908,12 +908,12 @@
|
||||
--- dropbear-0.51.orig/svr-chansession.c 2008-04-22 17:29:49.000000000 -0700
|
||||
+++ dropbear-0.51/svr-chansession.c 2008-04-22 17:29:49.000000000 -0700
|
||||
@@ -912,12 +912,12 @@
|
||||
/* We can only change uid/gid as root ... */
|
||||
if (getuid() == 0) {
|
||||
|
||||
- if ((setgid(ses.authstate.pw->pw_gid) < 0) ||
|
||||
+ if ((ses.authstate.pw->pw_gid != 0) && ((setgid(ses.authstate.pw->pw_gid) < 0) ||
|
||||
(initgroups(ses.authstate.pw->pw_name,
|
||||
- ses.authstate.pw->pw_gid) < 0)) {
|
||||
+ ses.authstate.pw->pw_gid) < 0))) {
|
||||
- if ((setgid(ses.authstate.pw_gid) < 0) ||
|
||||
+ if ((ses.authstate.pw_gid != 0) && ((setgid(ses.authstate.pw_gid) < 0) ||
|
||||
(initgroups(ses.authstate.pw_name,
|
||||
- ses.authstate.pw_gid) < 0)) {
|
||||
+ ses.authstate.pw_gid) < 0))) {
|
||||
dropbear_exit("error changing user group");
|
||||
}
|
||||
- if (setuid(ses.authstate.pw->pw_uid) < 0) {
|
||||
+ if ((ses.authstate.pw->pw_uid != 0) && (setuid(ses.authstate.pw->pw_uid) < 0)) {
|
||||
- if (setuid(ses.authstate.pw_uid) < 0) {
|
||||
+ if ((ses.authstate.pw_uid != 0) && (setuid(ses.authstate.pw_uid) < 0)) {
|
||||
dropbear_exit("error changing user");
|
||||
}
|
||||
} else {
|
||||
|
@ -1,17 +0,0 @@ |
||||
Index: dropbear-0.50/common-channel.c
|
||||
===================================================================
|
||||
--- dropbear-0.50.orig/common-channel.c 2007-08-10 23:47:47.000000000 +0200
|
||||
+++ dropbear-0.50/common-channel.c 2007-08-10 23:47:50.000000000 +0200
|
||||
@@ -311,10 +311,10 @@
|
||||
send_msg_channel_eof(channel);
|
||||
}
|
||||
|
||||
- /* And if we can't receive any more data from them either, close up */
|
||||
+ /* And if we can't receive any more data from them either, close up (server only) */
|
||||
if (!channel->sent_close
|
||||
&& channel->readfd == FD_CLOSED
|
||||
- && (ERRFD_IS_WRITE(channel) || channel->errfd == FD_CLOSED)
|
||||
+ && !ERRFD_IS_WRITE(channel)
|
||||
&& !write_pending(channel)) {
|
||||
TRACE(("sending close, readfd is closed"))
|
||||
send_msg_channel_close(channel);
|
Loading…
Reference in new issue