authorMarkus Friedl <markus@cvs.openbsd.org>2002-08-12 10:46:36 +0000
committerMarkus Friedl <markus@cvs.openbsd.org>2002-08-12 10:46:36 +0000
commit4873d53a0fe39e573dcb4495ffa783b75ef02742 (patch)
tree4fb39dc5a8264e099f23020997d841963a9b71a3 /usr.bin/ssh
parent9a9591ff6c3b33568e7183f4aaa0512f61832e5d (diff)
make ssh-agent setgid, disallow ptrace.
Diffstat (limited to 'usr.bin/ssh')
-rw-r--r--usr.bin/ssh/ssh-agent.c6
-rw-r--r--usr.bin/ssh/ssh-agent/Makefile5
2 files changed, 8 insertions, 3 deletions
diff --git a/usr.bin/ssh/ssh-agent.c b/usr.bin/ssh/ssh-agent.c
index 6ed21746446..48d7ce2e413 100644
--- a/usr.bin/ssh/ssh-agent.c
+++ b/usr.bin/ssh/ssh-agent.c
@@ -35,7 +35,7 @@
#include "includes.h"
#include <sys/queue.h>
-RCSID("$OpenBSD: ssh-agent.c,v 1.98 2002/07/21 18:07:45 stevesk Exp $");
+RCSID("$OpenBSD: ssh-agent.c,v 1.99 2002/08/12 10:46:35 markus Exp $");
#include <openssl/evp.h>
#include <openssl/md5.h>
@@ -934,6 +934,10 @@ main(int ac, char **av)
pid_t pid;
char pidstrbuf[1 + 3 * sizeof pid];
+ /* drop */
+ setegid(getgid());
+ setgid(getgid());
+
SSLeay_add_all_algorithms();
while ((ch = getopt(ac, av, "cdksa:")) != -1) {
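Review bot: The return values of `setegid(getgid())` and `setgid(getgid())` are ignored, so if either call fails the agent keeps running with the `_sshagnt` group still in its effective or saved group ID. The drop happens at the very top of main(), so failing closed costs nothing: `if (setegid(getgid()) == -1 || setgid(getgid()) == -1) { perror("setgid"); exit(1); }`. The `/* drop */` comment could also say what is dropped and why, for example `/* drop the setgid group; the bit is only there so ptrace is disallowed */`. main()'s body starts and ends outside this hunk.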
diff --git a/usr.bin/ssh/ssh-agent/Makefile b/usr.bin/ssh/ssh-agent/Makefile
index c252dbdad65..05ae43fcc8b 100644
--- a/usr.bin/ssh/ssh-agent/Makefile
+++ b/usr.bin/ssh/ssh-agent/Makefile
@@ -1,11 +1,12 @@
-# $OpenBSD: Makefile,v 1.21 2001/06/27 19:29:16 markus Exp $
+# $OpenBSD: Makefile,v 1.22 2002/08/12 10:46:35 markus Exp $
.PATH: ${.CURDIR}/..
PROG= ssh-agent
BINOWN= root
+BINGRP= _sshagnt
-BINMODE?=555
+BINMODE?=2555
BINDIR= /usr/bin
MAN= ssh-agent.1
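Review bot: Nothing next to `BINGRP= _sshagnt` and `BINMODE?=2555` records why the agent is installed setgid, so a later cleanup could remove the bit as an unneeded privilege and silently lose the ptrace restriction named in the commit title. A comment above the two lines would capture it, for example `# setgid to a dedicated group only so the agent cannot be ptraced; main() drops the group at startup`. Because the assignment is `?=`, a BINMODE supplied from the environment would presumably take precedence and install the binary without the bit; `BINMODE=2555` would pin it if overriding is not meant to be supported here. The `_sshagnt` group also has to exist at install time, which this diff (limited to usr.bin/ssh) does not show.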