diff options
author | Damien Miller <djm@cvs.openbsd.org> | 2014-07-03 22:40:44 +0000 |
---|---|---|
committer | Damien Miller <djm@cvs.openbsd.org> | 2014-07-03 22:40:44 +0000 |
commit | 5192d97645d6e6d99bdeb8bfba851a3bc14a2694 (patch) | |
tree | 0a16260fc92bd12c669b386ed7180d9c8a126586 | |
parent | 58e425864b303ca50c5d6e0030c6247900b8623c (diff) |
Add a sshd_config PermitUserRC option to control whether ~/.ssh/rc is
executed, mirroring the no-user-rc authorized_keys option;
bz#2160; ok markus@
-rw-r--r-- | usr.bin/ssh/servconf.c | 14 | ||||
-rw-r--r-- | usr.bin/ssh/servconf.h | 3 | ||||
-rw-r--r-- | usr.bin/ssh/session.c | 5 | ||||
-rw-r--r-- | usr.bin/ssh/sshd.8 | 9 | ||||
-rw-r--r-- | usr.bin/ssh/sshd_config.5 | 11 |
5 files changed, 32 insertions, 10 deletions
diff --git a/usr.bin/ssh/servconf.c b/usr.bin/ssh/servconf.c index 08530dd8c5f..ede4f622503 100644 --- a/usr.bin/ssh/servconf.c +++ b/usr.bin/ssh/servconf.c @@ -1,5 +1,5 @@ -/* $OpenBSD: servconf.c,v 1.249 2014/01/29 06:18:35 djm Exp $ */ +/* $OpenBSD: servconf.c,v 1.250 2014/07/03 22:40:43 djm Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland * All rights reserved @@ -84,6 +84,7 @@ initialize_server_options(ServerOptions *options) options->x11_display_offset = -1; options->x11_use_localhost = -1; options->permit_tty = -1; + options->permit_user_rc = -1; options->xauth_location = NULL; options->strict_modes = -1; options->tcp_keep_alive = -1; @@ -200,6 +201,8 @@ fill_default_server_options(ServerOptions *options) options->xauth_location = _PATH_XAUTH; if (options->permit_tty == -1) options->permit_tty = 1; + if (options->permit_user_rc == -1) + options->permit_user_rc = 1; if (options->strict_modes == -1) options->strict_modes = 1; if (options->tcp_keep_alive == -1) @@ -318,7 +321,7 @@ typedef enum { sRevokedKeys, sTrustedUserCAKeys, sAuthorizedPrincipalsFile, sKexAlgorithms, sIPQoS, sVersionAddendum, sAuthorizedKeysCommand, sAuthorizedKeysCommandUser, - sAuthenticationMethods, sHostKeyAgent, + sAuthenticationMethods, sHostKeyAgent, sPermitUserRC, sDeprecated, sUnsupported } ServerOpCodes; @@ -419,6 +422,7 @@ static struct { { "acceptenv", sAcceptEnv, SSHCFG_ALL }, { "permittunnel", sPermitTunnel, SSHCFG_ALL }, { "permittty", sPermitTTY, SSHCFG_ALL }, + { "permituserrc", sPermitUserRC, SSHCFG_ALL }, { "match", sMatch, SSHCFG_ALL }, { "permitopen", sPermitOpen, SSHCFG_ALL }, { "forcecommand", sForceCommand, SSHCFG_ALL }, @@ -1083,6 +1087,10 @@ process_server_config_line(ServerOptions *options, char *line, intptr = &options->permit_tty; goto parse_flag; + case sPermitUserRC: + intptr = &options->permit_user_rc; + goto parse_flag; + case sStrictModes: intptr = &options->strict_modes; goto parse_flag; @@ -1719,6 +1727,7 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth) M_CP_INTOPT(x11_forwarding); M_CP_INTOPT(x11_use_localhost); M_CP_INTOPT(permit_tty); + M_CP_INTOPT(permit_user_rc); M_CP_INTOPT(max_sessions); M_CP_INTOPT(max_authtries); M_CP_INTOPT(ip_qos_interactive); @@ -1955,6 +1964,7 @@ dump_config(ServerOptions *o) dump_cfg_fmtint(sX11Forwarding, o->x11_forwarding); dump_cfg_fmtint(sX11UseLocalhost, o->x11_use_localhost); dump_cfg_fmtint(sPermitTTY, o->permit_tty); + dump_cfg_fmtint(sPermitUserRC, o->permit_user_rc); dump_cfg_fmtint(sStrictModes, o->strict_modes); dump_cfg_fmtint(sTCPKeepAlive, o->tcp_keep_alive); dump_cfg_fmtint(sEmptyPasswd, o->permit_empty_passwd); diff --git a/usr.bin/ssh/servconf.h b/usr.bin/ssh/servconf.h index 68ea681332f..70f237ac75a 100644 --- a/usr.bin/ssh/servconf.h +++ b/usr.bin/ssh/servconf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: servconf.h,v 1.112 2014/01/29 06:18:35 djm Exp $ */ +/* $OpenBSD: servconf.h,v 1.113 2014/07/03 22:40:43 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -83,6 +83,7 @@ typedef struct { int x11_use_localhost; /* If true, use localhost for fake X11 server. */ char *xauth_location; /* Location of xauth program */ int permit_tty; /* If false, deny pty allocation */ + int permit_user_rc; /* If false, deny ~/.ssh/rc execution */ int strict_modes; /* If true, require string home dir modes. */ int tcp_keep_alive; /* If true, set SO_KEEPALIVE. */ int ip_qos_interactive; /* IP ToS/DSCP/class for interactive */ diff --git a/usr.bin/ssh/session.c b/usr.bin/ssh/session.c index 4f46e83f1d1..6571f075cb6 100644 --- a/usr.bin/ssh/session.c +++ b/usr.bin/ssh/session.c @@ -1,4 +1,4 @@ -/* $OpenBSD: session.c,v 1.272 2014/07/03 03:34:09 djm Exp $ */ +/* $OpenBSD: session.c,v 1.273 2014/07/03 22:40:43 djm Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland * All rights reserved @@ -1078,7 +1078,8 @@ do_rc_files(Session *s, const char *shell) /* ignore _PATH_SSH_USER_RC for subsystems and admin forced commands */ if (!s->is_subsystem && options.adm_forced_command == NULL && - !no_user_rc && stat(_PATH_SSH_USER_RC, &st) >= 0) { + !no_user_rc && options.permit_user_rc && + stat(_PATH_SSH_USER_RC, &st) >= 0) { snprintf(cmd, sizeof cmd, "%s -c '%s %s'", shell, _PATH_BSHELL, _PATH_SSH_USER_RC); if (debug_flag) diff --git a/usr.bin/ssh/sshd.8 b/usr.bin/ssh/sshd.8 index dd18d4322c6..2b6431e1aa4 100644 --- a/usr.bin/ssh/sshd.8 +++ b/usr.bin/ssh/sshd.8 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd.8,v 1.275 2014/04/19 18:15:16 tedu Exp $ -.Dd $Mdocdate: April 19 2014 $ +.\" $OpenBSD: sshd.8,v 1.276 2014/07/03 22:40:43 djm Exp $ +.Dd $Mdocdate: July 3 2014 $ .Dt SSHD 8 .Os .Sh NAME @@ -381,7 +381,10 @@ Changes to user's home directory. .It If .Pa ~/.ssh/rc -exists, runs it; else if +exists and the +.Xr sshd_config 5 +.Cm PermitUserRC +option is set, runs it; else if .Pa /etc/ssh/sshrc exists, runs it; otherwise runs xauth. diff --git a/usr.bin/ssh/sshd_config.5 b/usr.bin/ssh/sshd_config.5 index e5e247c5128..9cc87cbdcc1 100644 --- a/usr.bin/ssh/sshd_config.5 +++ b/usr.bin/ssh/sshd_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd_config.5,v 1.173 2014/03/28 05:17:11 naddy Exp $ -.Dd $Mdocdate: March 28 2014 $ +.\" $OpenBSD: sshd_config.5,v 1.174 2014/07/03 22:40:43 djm Exp $ +.Dd $Mdocdate: July 3 2014 $ .Dt SSHD_CONFIG 5 .Os .Sh NAME @@ -913,6 +913,7 @@ Available keywords are .Cm PermitRootLogin , .Cm PermitTTY , .Cm PermitTunnel , +.Cm PermitUserRC , .Cm PubkeyAuthentication , .Cm RekeyLimit , .Cm RhostsRSAAuthentication , @@ -1061,6 +1062,12 @@ The default is Enabling environment processing may enable users to bypass access restrictions in some configurations using mechanisms such as .Ev LD_PRELOAD . +.It Cm PermitUserRC +Specifies whether any +.Pa ~/.ssh/rc +file is executed. +The default is +.Dq yes . .It Cm PidFile Specifies the file that contains the process ID of the SSH daemon. |