aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDag-Erling Smørgrav <des@FreeBSD.org>2013-03-13 09:41:55 +0000
committerDag-Erling Smørgrav <des@FreeBSD.org>2013-03-13 09:41:55 +0000
commit2ec88e9d1bcc5eabc01e8524c586254d8c012c3b (patch)
treeef25501300b99ca615e48d931b6ab5afddd0e7c0
parentca9feb490c23706826f0937fb7d6bdc0012a05ea (diff)
downloadsrc-2ec88e9d1bcc5eabc01e8524c586254d8c012c3b.tar.gz
src-2ec88e9d1bcc5eabc01e8524c586254d8c012c3b.zip
Unlike OpenBSD's, our setusercontext() will intentionally ignore the user's
own umask setting (from ~/.login.conf) unless running with the user's UID. Therefore, we need to call it again with LOGIN_SETUMASK after changing UID. PR: bin/176740 Submitted by: John Marshall <john.marshall@riverwillow.com.au> MFC after: 1 week
Notes
Notes: svn path=/head/; revision=248231
-rw-r--r--crypto/openssh/session.c6
1 files changed, 6 insertions, 0 deletions
diff --git a/crypto/openssh/session.c b/crypto/openssh/session.c
index 57a3e18c2cbc..82913ff5b9ef 100644
--- a/crypto/openssh/session.c
+++ b/crypto/openssh/session.c
@@ -1533,6 +1533,12 @@ do_setusercontext(struct passwd *pw)
perror("unable to set user context (setuser)");
exit(1);
}
+
+ /*
+ * FreeBSD's setusercontext() will not apply the user's
+ * own umask setting unless running with the user's UID.
+ */
+ setusercontext(lc, pw, pw->pw_uid, LOGIN_SETUMASK);
#else
/* Permanently switch to the desired uid. */
permanently_set_uid(pw);