diff options
author | Markus Friedl <markus@cvs.openbsd.org> | 2000-11-30 18:33:06 +0000 |
---|---|---|
committer | Markus Friedl <markus@cvs.openbsd.org> | 2000-11-30 18:33:06 +0000 |
commit | 2699f5a76be3c2d58dcfa967760cfa378de28056 (patch) | |
tree | aaa49e618294a91e5d79ee69e158d346ad58de61 /usr.bin/ssh | |
parent | 8457ecac990d3e40f1258805ca60a64bae26f40b (diff) |
agents must not dump core, ok niels@
Diffstat (limited to 'usr.bin/ssh')
-rw-r--r-- | usr.bin/ssh/ssh-agent.c | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/usr.bin/ssh/ssh-agent.c b/usr.bin/ssh/ssh-agent.c index d7f0872a560..eeab320a396 100644 --- a/usr.bin/ssh/ssh-agent.c +++ b/usr.bin/ssh/ssh-agent.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-agent.c,v 1.40 2000/11/14 23:48:55 markus Exp $ */ +/* $OpenBSD: ssh-agent.c,v 1.41 2000/11/30 18:33:05 markus Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -37,7 +37,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: ssh-agent.c,v 1.40 2000/11/14 23:48:55 markus Exp $"); +RCSID("$OpenBSD: ssh-agent.c,v 1.41 2000/11/30 18:33:05 markus Exp $"); #include "ssh.h" #include "rsa.h" @@ -670,6 +670,7 @@ main(int ac, char **av) fd_set readset, writeset; int sock, c_flag = 0, k_flag = 0, s_flag = 0, ch; struct sockaddr_un sunaddr; + struct rlimit rlim; pid_t pid; char *shell, *format, *pidstr, pidstrbuf[1 + 3 * sizeof pid]; @@ -792,6 +793,12 @@ main(int ac, char **av) close(1); close(2); + /* deny core dumps, since memory contains unencrypted private keys */ + rlim.rlim_cur = rlim.rlim_max = 0; + if (setrlimit(RLIMIT_CORE, &rlim) < 0) { + perror("setrlimit rlimit_core failed"); + cleanup_exit(1); + } if (setsid() == -1) { perror("setsid"); cleanup_exit(1); |