vishalmishra434 / rpms / openssh

Forked from rpms/openssh a month ago
Clone
Source Code
GIT

Blame pam_ssh_agent_auth-0.9.2-seteuid.patch

c10s-sig-hyperscale c10s-sig-hyperscale-2 c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8 c8-beta c8s c8s-sig-hyperscale c9 c9-beta c9s-sig-hyperscale
  1.   d2ed53bfc6d4e2b8dc6fe1caa6f091ab0a4f32ff
  2.   pam_ssh_agent_auth-0.9.2-seteuid.patch
Blob History Raw
Jan F. Chadima d2ed53 
diff -up pam_ssh_agent_auth-0.9.2/iterate_ssh_agent_keys.c.seteuid pam_ssh_agent_auth-0.9.2/iterate_ssh_agent_keys.c
Jan F. Chadima d2ed53 
--- pam_ssh_agent_auth-0.9.2/iterate_ssh_agent_keys.c.seteuid	2010-09-08 08:54:29.000000000 +0200
Jan F. Chadima d2ed53 
+++ pam_ssh_agent_auth-0.9.2/iterate_ssh_agent_keys.c	2010-11-22 08:38:05.000000000 +0100
Jan F. Chadima d2ed53 
@@ -131,13 +131,17 @@ ssh_get_authentication_socket_for_uid(ui
Jan F. Chadima d2ed53 
 	}
Jan F. Chadima d2ed53
Jan F. Chadima d2ed53 
 	errno = 0;
Jan F. Chadima d2ed53 
-	seteuid(uid); /* To ensure a race condition is not used to circumvent the stat
Jan F. Chadima d2ed53 
-	             above, we will temporarily drop UID to the caller */
Jan F. Chadima d2ed53 
+	/* To ensure a race condition is not used to circumvent the stat
Jan F. Chadima d2ed53 
+	   above, we will temporarily drop UID to the caller */
Jan F. Chadima d2ed53 
+	if (seteuid(uid) == -1) {
Jan F. Chadima d2ed53 
+		error("seteuid(%lu) failed", (unsigned long) uid);
Jan F. Chadima d2ed53 
+		return -1;
Jan F. Chadima d2ed53 
+	}
Jan F. Chadima d2ed53 
 	if (connect(sock, (struct sockaddr *)&sunaddr, sizeof sunaddr) < 0) {
Jan F. Chadima d2ed53 
 		close(sock);
Jan F. Chadima d2ed53 
-        if(errno == EACCES)
Jan F. Chadima d2ed53 
-		fatal("MAJOR SECURITY WARNING: uid %lu made a deliberate and malicious attempt to open an agent socket owned by another user", (unsigned long) uid);
Jan F. Chadima d2ed53 
-		return -1;
Jan F. Chadima d2ed53 
+		sock = -1;
Jan F. Chadima d2ed53 
+		if(errno == EACCES)
Jan F. Chadima d2ed53 
+			fatal("MAJOR SECURITY WARNING: uid %lu made a deliberate and malicious attempt to open an agent socket owned by another user", (unsigned long) uid);
Jan F. Chadima d2ed53 
 	}
Jan F. Chadima d2ed53
Jan F. Chadima d2ed53 
 	seteuid(0); /* we now continue the regularly scheduled programming */

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation