diff options
author | djm <djm> | 2012-11-04 11:23:14 +0000 |
---|---|---|
committer | djm <djm> | 2012-11-04 11:23:14 +0000 |
commit | 98d091cb9beece7d59ef361e2e6476fe5d048d4f (patch) | |
tree | 9a14a8bf2a81cf6a9f302ba227c848ade2b4d8ff /auth2-pubkey.c | |
parent | d4d6e780a92caa1fd72daee7a10a4a2edb94944e (diff) | |
download | openssh-98d091cb9beece7d59ef361e2e6476fe5d048d4f.tar.gz |
- djm@cvs.openbsd.org 2012/11/04 10:38:43
[auth2-pubkey.c sshd.c sshd_config.5]
Remove default of AuthorizedCommandUser. Administrators are now expected
to explicitly specify a user. feedback and ok markus@
Diffstat (limited to 'auth2-pubkey.c')
-rw-r--r-- | auth2-pubkey.c | 30 |
1 files changed, 17 insertions, 13 deletions
diff --git a/auth2-pubkey.c b/auth2-pubkey.c index ec8f75d5..6a621701 100644 --- a/auth2-pubkey.c +++ b/auth2-pubkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-pubkey.c,v 1.31 2012/10/30 21:29:54 djm Exp $ */ +/* $OpenBSD: auth2-pubkey.c,v 1.32 2012/11/04 10:38:43 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -462,23 +462,27 @@ user_key_command_allowed2(struct passwd *user_pw, Key *key) struct stat st; int status, devnull, p[2], i; pid_t pid; - char errmsg[512]; + char *username, errmsg[512]; if (options.authorized_keys_command == NULL || options.authorized_keys_command[0] != '/') return 0; - /* If no user specified to run commands the default to target user */ - if (options.authorized_keys_command_user == NULL) - pw = user_pw; - else { - pw = getpwnam(options.authorized_keys_command_user); - if (pw == NULL) { - error("AuthorizedKeyCommandUser \"%s\" not found: %s", - options.authorized_keys_command, strerror(errno)); - return 0; - } + if (options.authorized_keys_command_user == NULL) { + error("No user for AuthorizedKeysCommand specified, skipping"); + return 0; + } + + username = percent_expand(options.authorized_keys_command_user, + "u", user_pw->pw_name, (char *)NULL); + pw = getpwnam(username); + if (pw == NULL) { + error("AuthorizedKeyCommandUser \"%s\" not found: %s", + options.authorized_keys_command, strerror(errno)); + free(username); + return 0; } + free(username); temporarily_use_uid(pw); @@ -517,6 +521,7 @@ user_key_command_allowed2(struct passwd *user_pw, Key *key) for (i = 0; i < NSIG; i++) signal(i, SIG_DFL); + closefrom(STDERR_FILENO + 1); /* Don't use permanently_set_uid() here to avoid fatal() */ if (setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) != 0) { error("setresgid %u: %s", (u_int)pw->pw_gid, @@ -541,7 +546,6 @@ user_key_command_allowed2(struct passwd *user_pw, Key *key) error("%s: dup2: %s", __func__, strerror(errno)); _exit(1); } - closefrom(STDERR_FILENO + 1); execl(options.authorized_keys_command, options.authorized_keys_command, pw->pw_name, NULL); |