summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--regress/usr.bin/ssh/test-exec.sh9
1 files changed, 8 insertions, 1 deletions
diff --git a/regress/usr.bin/ssh/test-exec.sh b/regress/usr.bin/ssh/test-exec.sh
index f63974e57ee..3f51e944b5f 100644
--- a/regress/usr.bin/ssh/test-exec.sh
+++ b/regress/usr.bin/ssh/test-exec.sh
@@ -1,4 +1,4 @@
-# $OpenBSD: test-exec.sh,v 1.51 2015/03/03 22:35:19 markus Exp $
+# $OpenBSD: test-exec.sh,v 1.52 2016/04/14 23:21:42 djm Exp $
# Placed in the Public Domain.
USER=`id -un`
@@ -270,6 +270,13 @@ cat << EOF > $OBJ/sshd_config
Subsystem sftp $SFTPSERVER
EOF
+# This may be necessary if /usr/src and/or /usr/obj are group-writable,
+# but if you aren't careful with permissions then the unit tests could
+# be abused to locally escalate privileges.
+if [ ! -z "$TEST_SSH_UNSAFE_PERMISSIONS" ]; then
+ echo "StrictModes no" >> $OBJ/sshd_config
+fi
+
if [ ! -z "$TEST_SSH_SSHD_CONFOPTS" ]; then
trace "adding sshd_config option $TEST_SSH_SSHD_CONFOPTS"
echo "$TEST_SSH_SSHD_CONFOPTS" >> $OBJ/sshd_config