*/
#include "includes.h"
-RCSID("$OpenBSD: sshd.c,v 1.239 2002/03/30 18:51:15 markus Exp $");
+RCSID("$OpenBSD: sshd.c,v 1.241 2002/05/13 15:53:19 millert Exp $");
#include <openssl/dh.h>
#include <openssl/bn.h>
#include <openssl/md5.h>
#include <openssl/rand.h>
+#ifdef HAVE_SECUREWARE
+#include <sys/security.h>
+#include <prot.h>
+#endif
#include "ssh.h"
#include "ssh1.h"
demote_sensitive_data();
if ((pw = getpwnam(SSH_PRIVSEP_USER)) == NULL)
- fatal("%s: no user", SSH_PRIVSEP_USER);
+ fatal("Privilege separation user %s does not exist",
+ SSH_PRIVSEP_USER);
memset(pw->pw_passwd, 0, strlen(pw->pw_passwd));
endpwent();
Key *key;
int ret, key_used = 0;
+#ifdef HAVE_SECUREWARE
+ (void)set_auth_parameters(ac, av);
+#endif
__progname = get_progname(av[0]);
init_rng();
if (test_flag)
exit(0);
-#ifdef HAVE_SCO_PROTECTED_PW
- (void) set_auth_parameters(ac, av);
-#endif
+ /*
+ * Clear out any supplemental groups we may have inherited. This
+ * prevents inadvertent creation of files with bad modes (in the
+ * portable version at least, it's certainly possible for PAM
+ * to create a file, and we can't control the code in every
+ * module which might be used).
+ */
+ if (setgroups(0, NULL) < 0)
+ debug("setgroups() failed: %.200s", strerror(errno));
/* Initialize the log (it is reinitialized below in case we forked). */
if (debug_flag && !inetd_flag)
/* This is the child processing a new connection. */
+ /*
+ * Create a new session and process group since the 4.4BSD
+ * setlogin() affects the entire process group. We don't
+ * want the child to be able to affect the parent.
+ */
+ if (setsid() < 0)
+ error("setsid: %.100s", strerror(errno));
+
/*
* Disable the key regeneration alarm. We will not regenerate the
* key since we are no longer in a position to give it to anyone. We
andersk / openssh.git / blobdiff