- (dtucker) [Makefile.in ssh-keysign.c ssh.c] Use permanently_set_uid() since

   it does the right thing on all platforms.  ok djm@

diff --git a/ChangeLog b/ChangeLog
index 50b003bbe6fbe44bb319f6de8874327b24d6e878..0275d128a2ff7da144698f9fbebda5a40efd66b2 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+20040815
+ - (dtucker) [Makefile.in ssh-keysign.c ssh.c] Use permanently_set_uid() since
+   it does the right thing on all platforms.  ok djm@
+
 20040814
  - (dtucker) [auth-krb5.c gss-serv-krb5.c openbsd-compat/xmmap.c]
    Explicitly set umask for mkstemp; ok djm@

diff --git a/Makefile.in b/Makefile.in
index 1801b330df48606c3fb5487c59dc82a8a5b38e5f..4f120d5565527f9f53322b2311e9c09f0431c37f 100644 (file)
--- a/Makefile.in
+++ b/Makefile.in
@@ -67,7 +67,7 @@ LIBSSH_OBJS=acss.o authfd.o authfile.o bufaux.o buffer.o \
        compat.o compress.o crc32.o deattack.o fatal.o hostfile.o \
        log.o match.o moduli.o mpaux.o nchan.o packet.o \
        readpass.o rsa.o tildexpand.o ttymodes.o xmalloc.o \
-       atomicio.o key.o dispatch.o kex.o mac.o uuencode.o misc.o \
+       atomicio.o key.o dispatch.o kex.o mac.o uidswap.c uuencode.o misc.o \
        monitor_fdpass.o rijndael.o ssh-dss.o ssh-rsa.o dh.o kexdh.o \
        kexgex.o kexdhc.o kexgexc.o scard.o msg.o progressmeter.o dns.o \
        entropy.o scard-opensc.o gss-genr.o
@@ -76,7 +76,7 @@ SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \
        sshconnect.o sshconnect1.o sshconnect2.o
 
 SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o \
-       sshpty.o sshlogin.o servconf.o serverloop.o uidswap.o \
+       sshpty.o sshlogin.o servconf.o serverloop.o \
        auth.o auth1.o auth2.o auth-options.o session.o \
        auth-chall.o auth2-chall.o groupaccess.o \
        auth-skey.o auth-bsdauth.o auth2-hostbased.o auth2-kbdint.o \

diff --git a/ssh-keysign.c b/ssh-keysign.c
index cf8b0c2d2b2918bef5f48ff3b7c82e3d2aeacdb8..517655790c9b6731c13fc5a0086828eb7f62f33c 100644 (file)
--- a/ssh-keysign.c
+++ b/ssh-keysign.c
@@ -41,6 +41,7 @@ RCSID("$OpenBSD: ssh-keysign.c,v 1.16 2004/04/18 23:10:26 djm Exp $");
 #include "canohost.h"
 #include "pathnames.h"
 #include "readconf.h"
+#include "uidswap.h"
 
 /* XXX readconf.c needs these */
 uid_t original_real_uid;
@@ -150,8 +151,11 @@ main(int argc, char **argv)
        key_fd[0] = open(_PATH_HOST_RSA_KEY_FILE, O_RDONLY);
        key_fd[1] = open(_PATH_HOST_DSA_KEY_FILE, O_RDONLY);
 
-       seteuid(getuid());
-       setuid(getuid());
+       if ((pw = getpwuid(getuid())) == NULL)
+               fatal("getpwuid failed");
+       pw = pwcopy(pw);
+
+       permanently_set_uid(pw);
 
        init_rng();
        seed_rng();
@@ -173,10 +177,6 @@ main(int argc, char **argv)
        if (key_fd[0] == -1 && key_fd[1] == -1)
                fatal("could not open any host key");
 
-       if ((pw = getpwuid(getuid())) == NULL)
-               fatal("getpwuid failed");
-       pw = pwcopy(pw);
-
        SSLeay_add_all_algorithms();
        for (i = 0; i < 256; i++)
                rnd[i] = arc4random();

diff --git a/ssh.c b/ssh.c
index edf8f2c5ebece1119d54b8c2353ad32702a79b25..1419f98749aa5e910fbce7d65d0ad7765328d9d5 100644 (file)
--- a/ssh.c
+++ b/ssh.c
@@ -71,6 +71,7 @@ RCSID("$OpenBSD: ssh.c,v 1.224 2004/07/28 09:40:29 markus Exp $");
 #include "match.h"
 #include "msg.h"
 #include "monitor_fdpass.h"
+#include "uidswap.h"
 
 #ifdef SMARTCARD
 #include "scard.h"
@@ -644,8 +645,10 @@ again:
         * user's home directory if it happens to be on a NFS volume where
         * root is mapped to nobody.
         */
-       seteuid(original_real_uid);
-       setuid(original_real_uid);
+       if (original_effective_uid == 0) {
+               PRIV_START;
+               permanently_set_uid(pw);
+       }
 
        /*
         * Now that we are back to our own permissions, create ~/.ssh