diff options
author | Damien Miller <djm@cvs.openbsd.org> | 2013-03-06 23:35:24 +0000 |
---|---|---|
committer | Damien Miller <djm@cvs.openbsd.org> | 2013-03-06 23:35:24 +0000 |
commit | 2b1cafb580f72f815d63b641f24e5f3a39f4d0c3 (patch) | |
tree | c0901352ed8c480865c3cb476c7ae1a99e8403da /usr.bin/ssh | |
parent | e416898b0f8e71d2b7dd38c81ddeb2debc46aff0 (diff) |
fatal() when ChrootDirectory specified by running without root privileges;
ok markus@
Diffstat (limited to 'usr.bin/ssh')
-rw-r--r-- | usr.bin/ssh/session.c | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/usr.bin/ssh/session.c b/usr.bin/ssh/session.c index 41bcd577bd3..5bc944093b9 100644 --- a/usr.bin/ssh/session.c +++ b/usr.bin/ssh/session.c @@ -1,4 +1,4 @@ -/* $OpenBSD: session.c,v 1.261 2012/12/02 20:46:11 djm Exp $ */ +/* $OpenBSD: session.c,v 1.262 2013/03/06 23:35:23 djm Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland * All rights reserved @@ -1216,7 +1216,10 @@ do_setusercontext(struct passwd *pw) perror("unable to set user context (setuser)"); exit(1); } - } + } else if (options.chroot_directory != NULL && + strcasecmp(options.chroot_directory, "none") != 0) + fatal("server lacks privileges to chroot to ChrootDirectory"); + if (getuid() != pw->pw_uid || geteuid() != pw->pw_uid) fatal("Failed to set uids to %u.", (u_int) pw->pw_uid); } |