Projects
openEuler:20.03:LTS:SP3
openssh
_service:tar_scm_kernel_repo:backport-CVE-2021-...
Sign Up
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _service:tar_scm_kernel_repo:backport-CVE-2021-41617-1.patch of Package openssh
From f3cbe43e28fe71427d41cfe3a17125b972710455 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" <djm@openbsd.org> Date: Sun, 26 Sep 2021 14:01:03 +0000 Subject: upstream: need initgroups() before setresgid(); reported by anton@, ok deraadt@ OpenBSD-Commit-ID: 6aa003ee658b316960d94078f2a16edbc25087ce --- auth.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/auth.c b/auth.c index c73444a..e510a05 100644 --- a/auth.c +++ b/auth.c @@ -852,6 +852,13 @@ subprocess(const char *tag, struct passwd *pw, const char *command, } closefrom(STDERR_FILENO + 1); + if (geteuid() == 0 && + initgroups(pw->pw_name, pw->pw_gid) == -1) { + error("%s: initgroups(%s, %u): %s", tag, + pw->pw_name, (u_int)pw->pw_gid, strerror(errno)); + _exit(1); + } + /* Don't use permanently_set_uid() here to avoid fatal() */ if (setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) == -1) { error("%s: setresgid %u: %s", tag, (u_int)pw->pw_gid, -- 1.8.3.1
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.