Merge pull request #201 from mkj/test-pty-gid

Allow users's own gid in pty permission check
author: Matt Johnston <matt@ucc.asn.au> 2022-12-12 22:34:06 +0800
committer: GitHub <noreply@github.com> 2022-12-12 22:34:06 +0800
commit: 6fa49f98c59a16ace92bf389c4db5257c4853790 (patch)
tree: b2ccb96523a796bbfb2de2ce864bbf797ad1d50f
parent: c043efb47c3173072fa636ca0da0d19875d4511f (diff)
parent: 860721558837441ab45019858e710a2625ffa46e (diff)
download: dropbear-6fa49f98c59a16ace92bf389c4db5257c4853790.tar.gz
1 files changed, 3 insertions, 1 deletions
diff --git a/sshpty.c b/sshpty.c
index fceb7fd..9f12d67 100644
--- a/sshpty.c
+++ b/sshpty.c
@@ -380,7 +380,9 @@ pty_setowner(struct passwd *pw, const char *tty_name)
 				tty_name, strerror(errno));
 	}
 
-	if (st.st_uid != pw->pw_uid || st.st_gid != gid) {
+	/* Allow either "tty" gid or user's own gid. On Linux with openpty()
+	 * this varies depending on the devpts mount options */
+	if (st.st_uid != pw->pw_uid || !(st.st_gid == gid || st.st_gid == pw->pw_gid)) {
 		if (chown(tty_name, pw->pw_uid, gid) < 0) {
 			if (errno == EROFS &&
 			    (st.st_uid == pw->pw_uid || st.st_uid == 0)) {
author	Matt Johnston <matt@ucc.asn.au>	2022-12-12 22:34:06 +0800
committer	GitHub <noreply@github.com>	2022-12-12 22:34:06 +0800
commit	6fa49f98c59a16ace92bf389c4db5257c4853790 (patch)
tree	b2ccb96523a796bbfb2de2ce864bbf797ad1d50f
parent	c043efb47c3173072fa636ca0da0d19875d4511f (diff)
parent	860721558837441ab45019858e710a2625ffa46e (diff)
download	dropbear-6fa49f98c59a16ace92bf389c4db5257c4853790.tar.gz