authorMatt Johnston <matt@ucc.asn.au>2017-05-18 22:59:38 +0800
committerMatt Johnston <matt@ucc.asn.au>2017-05-18 22:59:38 +0800
commit7621ee793aab9feda0ded9ce6b5026e7ffa8f8f4 (patch)
treec9b05db4faf6ed0d430eaafd6eef4422078ce6b2 /svr-authpubkey.c
parent25f4ef18b7cd8dc90946301bfd72b3e4a604d3ba (diff)
parentb7dbc33cb67ec3c46509df6b3eb4b82cc61ecc06 (diff)
merge 2017.75
Diffstat (limited to 'svr-authpubkey.c')
-rw-r--r--svr-authpubkey.c17
1 files changed, 16 insertions, 1 deletions
diff --git a/svr-authpubkey.c b/svr-authpubkey.c
index 90d0d2c..acc660d 100644
--- a/svr-authpubkey.c
+++ b/svr-authpubkey.c
@@ -201,6 +201,8 @@ static int checkpubkey(char* algo, unsigned int algolen,
unsigned int len, pos;
buffer * options_buf = NULL;
int line_num;
+ uid_t origuid;
+ gid_t origgid;
TRACE(("enter checkpubkey"))
@@ -227,8 +229,21 @@ static int checkpubkey(char* algo, unsigned int algolen,
snprintf(filename, len + 22, "%s/.ssh/authorized_keys",
ses.authstate.pw_dir);
- /* open the file */
+ /* open the file as the authenticating user. */
+ origuid = getuid();
+ origgid = getgid();
+ if ((setegid(ses.authstate.pw_gid)) < 0 ||
+ (seteuid(ses.authstate.pw_uid)) < 0) {
+ dropbear_exit("Failed to set euid");
+ }
+
authfile = fopen(filename, "r");
+
+ if ((seteuid(origuid)) < 0 ||
+ (setegid(origgid)) < 0) {
+ dropbear_exit("Failed to revert euid");
+ }
+
if (authfile == NULL) {
goto out;
}
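Review bot: The ids saved before the switch come from `getuid()`/`getgid()`, which return the real ids, yet they are later passed to `seteuid()`/`setegid()` to restore the effective ids; the revert is exact only if real and effective ids were equal on entry, so `origuid = geteuid();` and `origgid = getegid();` would be the safer pair. Separately, only the effective uid and gid are changed around `fopen()`, so the process's supplementary groups still take part in the access check on the file; whether that matters depends on the groups the server runs with, which this hunk does not show. The new comment could also state the reason for the switch, e.g. `/* the path lives under the user's home directory, so open it with the user's permissions rather than the server's */`. The body of checkpubkey starts and ends outside this hunk.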