1 |
vapier 08/04/01 18:44:01 |
2 |
|
3 |
Added: openssh-4.7_p1-ForceCommand.patch |
4 |
Log: |
5 |
Fix for ForceCommand bypass #215702. |
6 |
(Portage version: 2.2_pre5) |
7 |
|
8 |
Revision Changes Path |
9 |
1.1 net-misc/openssh/files/openssh-4.7_p1-ForceCommand.patch |
10 |
|
11 |
file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-misc/openssh/files/openssh-4.7_p1-ForceCommand.patch?rev=1.1&view=markup |
12 |
plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-misc/openssh/files/openssh-4.7_p1-ForceCommand.patch?rev=1.1&content-type=text/plain |
13 |
|
14 |
Index: openssh-4.7_p1-ForceCommand.patch |
15 |
=================================================================== |
16 |
security fix |
17 |
|
18 |
http://bugs.gentoo.org/215702 |
19 |
ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.3/common/001_openssh.patch |
20 |
|
21 |
Index: usr.bin/ssh/session.c |
22 |
=================================================================== |
23 |
RCS file: /cvs/src/usr.bin/ssh/session.c,v |
24 |
retrieving revision 1.230 |
25 |
diff -u -r1.230 session.c |
26 |
--- usr.bin/ssh/session.c 22 Feb 2008 05:58:56 -0000 1.230 |
27 |
+++ usr.bin/ssh/session.c 27 Mar 2008 10:54:55 -0000 |
28 |
@@ -878,8 +878,9 @@ |
29 |
do_xauth = |
30 |
s->display != NULL && s->auth_proto != NULL && s->auth_data != NULL; |
31 |
|
32 |
- /* ignore _PATH_SSH_USER_RC for subsystems */ |
33 |
- if (!s->is_subsystem && (stat(_PATH_SSH_USER_RC, &st) >= 0)) { |
34 |
+ /* ignore _PATH_SSH_USER_RC for subsystems and admin forced commands */ |
35 |
+ if (!s->is_subsystem && options.adm_forced_command == NULL && |
36 |
+ (stat(_PATH_SSH_USER_RC, &st) >= 0)) { |
37 |
snprintf(cmd, sizeof cmd, "%s -c '%s %s'", |
38 |
shell, _PATH_BSHELL, _PATH_SSH_USER_RC); |
39 |
if (debug_flag) |
40 |
|
41 |
|
42 |
|
43 |
-- |
44 |
gentoo-commits@l.g.o mailing list |