summaryrefslogtreecommitdiff
path: root/usr.bin/ssh
diff options
context:
space:
mode:
authorDamien Miller <djm@cvs.openbsd.org>2013-03-06 23:35:24 +0000
committerDamien Miller <djm@cvs.openbsd.org>2013-03-06 23:35:24 +0000
commit2b1cafb580f72f815d63b641f24e5f3a39f4d0c3 (patch)
treec0901352ed8c480865c3cb476c7ae1a99e8403da /usr.bin/ssh
parente416898b0f8e71d2b7dd38c81ddeb2debc46aff0 (diff)
fatal() when ChrootDirectory specified by running without root privileges;
ok markus@
Diffstat (limited to 'usr.bin/ssh')
-rw-r--r--usr.bin/ssh/session.c7
1 files changed, 5 insertions, 2 deletions
diff --git a/usr.bin/ssh/session.c b/usr.bin/ssh/session.c
index 41bcd577bd3..5bc944093b9 100644
--- a/usr.bin/ssh/session.c
+++ b/usr.bin/ssh/session.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: session.c,v 1.261 2012/12/02 20:46:11 djm Exp $ */
+/* $OpenBSD: session.c,v 1.262 2013/03/06 23:35:23 djm Exp $ */
/*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
@@ -1216,7 +1216,10 @@ do_setusercontext(struct passwd *pw)
perror("unable to set user context (setuser)");
exit(1);
}
- }
+ } else if (options.chroot_directory != NULL &&
+ strcasecmp(options.chroot_directory, "none") != 0)
+ fatal("server lacks privileges to chroot to ChrootDirectory");
+
if (getuid() != pw->pw_uid || geteuid() != pw->pw_uid)
fatal("Failed to set uids to %u.", (u_int) pw->pw_uid);
}