diff options
author | Matt Johnston <matt@ucc.asn.au> | 2022-12-07 13:04:10 +0800 |
---|---|---|
committer | Matt Johnston <matt@ucc.asn.au> | 2022-12-07 13:04:10 +0800 |
commit | 860721558837441ab45019858e710a2625ffa46e (patch) | |
tree | b2ccb96523a796bbfb2de2ce864bbf797ad1d50f | |
parent | c043efb47c3173072fa636ca0da0d19875d4511f (diff) | |
download | dropbear-860721558837441ab45019858e710a2625ffa46e.tar.gz |
Allow users's own gid in pty permission check
This allows non-root Dropbear to work even without devpts gid=5 mount
option on Linux.
-rw-r--r-- | sshpty.c | 4 |
1 files changed, 3 insertions, 1 deletions
@@ -380,7 +380,9 @@ pty_setowner(struct passwd *pw, const char *tty_name) tty_name, strerror(errno)); } - if (st.st_uid != pw->pw_uid || st.st_gid != gid) { + /* Allow either "tty" gid or user's own gid. On Linux with openpty() + * this varies depending on the devpts mount options */ + if (st.st_uid != pw->pw_uid || !(st.st_gid == gid || st.st_gid == pw->pw_gid)) { if (chown(tty_name, pw->pw_uid, gid) < 0) { if (errno == EROFS && (st.st_uid == pw->pw_uid || st.st_uid == 0)) { |