diff options
| author | Darren Tucker <dtucker@zip.com.au> | 2010-11-05 04:47:01 +0100 |
|---|---|---|
| committer | Darren Tucker <dtucker@zip.com.au> | 2010-11-05 04:47:01 +0100 |
| commit | b12fe272a0e850175417aa56e6efef8f08250977 (patch) | |
| tree | abd6a1ee2fefd9b12525a85d21667bee3b8cb99a | |
| parent | - (dtucker) [platform.c session.c] Move PAM credential establishment for the (diff) | |
| download | openssh-b12fe272a0e850175417aa56e6efef8f08250977.tar.xz openssh-b12fe272a0e850175417aa56e6efef8f08250977.zip | |
- (dtucker) [platform.c platform.h session.c] Move the Cygwin special-case
check into platform.c
| -rw-r--r-- | ChangeLog | 2 | ||||
| -rw-r--r-- | platform.c | 18 | ||||
| -rw-r--r-- | platform.h | 3 | ||||
| -rw-r--r-- | session.c | 5 |
4 files changed, 22 insertions, 6 deletions
@@ -40,6 +40,8 @@ platform.c. - (dtucker) [platform.c session.c] Move PAM credential establishment for the non-LOGIN_CAP case into platform.c. + - (dtucker) [platform.c platform.h session.c] Move the Cygwin special-case + check into platform.c 20101025 - (tim) [openbsd-compat/glob.h] Remove sys/cdefs.h include that came with diff --git a/platform.c b/platform.c index b4fb88e5f..f2cf11f56 100644 --- a/platform.c +++ b/platform.c @@ -1,4 +1,4 @@ -/* $Id: platform.c,v 1.13 2010/11/05 02:32:53 dtucker Exp $ */ +/* $Id: platform.c,v 1.14 2010/11/05 03:47:01 dtucker Exp $ */ /* * Copyright (c) 2006 Darren Tucker. All rights reserved. @@ -17,6 +17,10 @@ */ #include "config.h" + +#include <sys/types.h> +#include <unistd.h> + #include "platform.h" #include "openbsd-compat/openbsd-compat.h" @@ -59,6 +63,18 @@ platform_post_fork_child(void) #endif } +/* return 1 if we are running with privilege to swap UIDs, 0 otherwise */ +int +platform_privileged_uidswap(void) +{ +#ifdef HAVE_CYGWIN + /* uid 0 is not special on Cygwin so always try */ + return 1; +#else + return (getuid() == 0 || geteuid() == 0); +#endif +} + /* * This gets called before switching UIDs, and is called even when sshd is * not running as root. diff --git a/platform.h b/platform.h index be66d55c6..944d2c340 100644 --- a/platform.h +++ b/platform.h @@ -1,4 +1,4 @@ -/* $Id: platform.h,v 1.6 2010/11/05 01:36:15 dtucker Exp $ */ +/* $Id: platform.h,v 1.7 2010/11/05 03:47:01 dtucker Exp $ */ /* * Copyright (c) 2006 Darren Tucker. All rights reserved. @@ -24,6 +24,7 @@ void platform_pre_listen(void); void platform_pre_fork(void); void platform_post_fork_parent(pid_t child_pid); void platform_post_fork_child(void); +int platform_privileged_uidswap(void); void platform_setusercontext(struct passwd *); void platform_setusercontext_post_groups(struct passwd *); char *platform_get_krb5_client(const char *); @@ -1471,10 +1471,7 @@ do_setusercontext(struct passwd *pw) platform_setusercontext(pw); -#ifndef HAVE_CYGWIN - if (getuid() == 0 || geteuid() == 0) -#endif /* HAVE_CYGWIN */ - { + if (platform_privileged_uidswap()) { #ifdef HAVE_LOGIN_CAP if (setusercontext(lc, pw, pw->pw_uid, (LOGIN_SETALL & ~(LOGIN_SETPATH|LOGIN_SETUSER))) < 0) { |