| 1 |
vapier 08/04/01 18:44:01 |
| 2 |
|
| 3 |
Added: openssh-4.7_p1-ForceCommand.patch |
| 4 |
Log: |
| 5 |
Fix for ForceCommand bypass #215702. |
| 6 |
(Portage version: 2.2_pre5) |
| 7 |
|
| 8 |
Revision Changes Path |
| 9 |
1.1 net-misc/openssh/files/openssh-4.7_p1-ForceCommand.patch |
| 10 |
|
| 11 |
file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-misc/openssh/files/openssh-4.7_p1-ForceCommand.patch?rev=1.1&view=markup |
| 12 |
plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-misc/openssh/files/openssh-4.7_p1-ForceCommand.patch?rev=1.1&content-type=text/plain |
| 13 |
|
| 14 |
Index: openssh-4.7_p1-ForceCommand.patch |
| 15 |
=================================================================== |
| 16 |
security fix |
| 17 |
|
| 18 |
http://bugs.gentoo.org/215702 |
| 19 |
ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.3/common/001_openssh.patch |
| 20 |
|
| 21 |
Index: usr.bin/ssh/session.c |
| 22 |
=================================================================== |
| 23 |
RCS file: /cvs/src/usr.bin/ssh/session.c,v |
| 24 |
retrieving revision 1.230 |
| 25 |
diff -u -r1.230 session.c |
| 26 |
--- usr.bin/ssh/session.c 22 Feb 2008 05:58:56 -0000 1.230 |
| 27 |
+++ usr.bin/ssh/session.c 27 Mar 2008 10:54:55 -0000 |
| 28 |
@@ -878,8 +878,9 @@ |
| 29 |
do_xauth = |
| 30 |
s->display != NULL && s->auth_proto != NULL && s->auth_data != NULL; |
| 31 |
|
| 32 |
- /* ignore _PATH_SSH_USER_RC for subsystems */ |
| 33 |
- if (!s->is_subsystem && (stat(_PATH_SSH_USER_RC, &st) >= 0)) { |
| 34 |
+ /* ignore _PATH_SSH_USER_RC for subsystems and admin forced commands */ |
| 35 |
+ if (!s->is_subsystem && options.adm_forced_command == NULL && |
| 36 |
+ (stat(_PATH_SSH_USER_RC, &st) >= 0)) { |
| 37 |
snprintf(cmd, sizeof cmd, "%s -c '%s %s'", |
| 38 |
shell, _PATH_BSHELL, _PATH_SSH_USER_RC); |
| 39 |
if (debug_flag) |
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
-- |
| 44 |
gentoo-commits@l.g.o mailing list |
Archives