summaryrefslogtreecommitdiffstats
path: root/usr.bin/ssh/uidswap.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* When system calls indicate an error they return -1, not some arbitraryderaadt2019-06-281-11/+11
| | | | | | value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
* Remove support for running ssh(1) setuid and fatal if attempted.dtucker2018-07-181-9/+1
| | | | | Do not link uidwap.c into ssh any more. Neuters UsePrivilegedPort, which will be marked as deprecated shortly. ok markus@ djm@
* invalidate supplemental group cache used by temporarily_use_uid()djm2018-06-151-3/+4
| | | | | | when the target uid differs; could cause failure to read authorized_keys under some configurations. patch by Jakub Jelen via bz2873; ok dtucker, markus
* Revert previous commit. We still want to call setgroups in the case wheredtucker2015-06-241-4/+3
| | | | | | | there are zero groups to remove any that we might otherwise inherit (as pointed out by grawity at gmail.com) and since the 2nd argument to setgroups is always a static global it's always valid to dereference in this case. ok deraadt@ djm@
* Don't call setgroups if we have zero groups; there's no guarantee that itdtucker2015-06-221-3/+4
| | | | | won't try to deref the pointer. Based on a patch from mail at quitesimple.org, ok djm deraadt
* Replace <sys/param.h> with <limits.h> and other less dirty headers wherederaadt2015-01-161-2/+2
| | | | | | | | | possible. Annotate <sys/param.h> lines with their current reasons. Switch to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where sensible to avoid pulling in the pollution. These are the files confirmed through binary verification. ok guenther, millert, doug (helped with the verification protocol)
* Include stdlib.h for free() as per the man page.dtucker2013-11-081-1/+2
|
* almost entirely get rid of the culture of ".h files that include .h files"deraadt2006-08-031-5/+2
| | | | | ok djm, sort of ok stevesk makes the pain stop in one easy step
* move #include <sys/param.h> out of includes.hstevesk2006-07-261-1/+2
|
* move #include <string.h> out of includes.hstevesk2006-07-221-1/+2
|
* move #include <unistd.h> out of includes.hstevesk2006-07-171-1/+2
|
* move #include <errno.h> out of includes.h; ok markus@stevesk2006-07-111-1/+2
|
* move #include <pwd.h> out of includes.h; ok markus@stevesk2006-07-061-1/+5
|
* do not set the gid, noted by solar; ok djmmarkus2006-06-081-3/+9
|
* replace remaining setuid() calls with permanently_set_uid() andmarkus2006-06-061-1/+3
| | | | check seteuid() return values; report Marcus Meissner; ok dtucker djm
* use setres[ug]id() to permanently revoke privileges; ok deraadt@djm2006-04-221-9/+5
|
* Put $OpenBSD$ tags back (as comments) to replace the RCSID()s thatdjm2006-03-251-0/+1
| | | | Theo nuked - our scripts to sync -portable need them in the files
* RCSID() can diederaadt2006-03-191-1/+0
|
* seteuid and setegid; markus okderaadt2003-05-291-1/+5
|
* little more debugging; ok markus@stevesk2002-07-151-6/+11
|
* use correct function name in fatal()stevesk2002-05-281-2/+2
|
* format spec change/casts and some KNF; ok markus@stevesk2002-05-281-9/+9
|
* typo: assign to self; ok markus@ solar@openwall.comstevesk2002-04-011-2/+1
|
* basic KNF done while i was looking for something elsederaadt2001-12-191-4/+4
|
* undo last change; does not work for sshdmarkus2001-08-081-4/+1
|
* permanently_set_uid is a noop if user is not privilegued;markus2001-08-081-1/+4
| | | | fixes bug on solaris; from sbi@uchicago.edu
* set non-privileged gid before uid; tholo@ and deraadt@markus2001-04-201-5/+5
|
* KNFmarkus2001-04-081-8/+8
|
* do gid/groups-swap in addition to uid-swap, should help if /home/groupmarkus2001-04-061-32/+59
| | | | | is chmod 750 + chgrp grp /home/group/, work be deraadt and me, thanks to olar@openwall.com is comments. we had many requests for this.
* split ssh.h and try to cleanup the #include mess. remove unnecessary #includes.markus2001-01-211-2/+2
| | | | rename util.[ch] -> misc.[ch]
* sync with portable openssh; stevesk@pobox.commarkus2000-12-291-3/+2
|
* fix prototypes; from stevesk@pobox.commarkus2000-12-201-2/+2
|
* typo; from wsanchez@apple.commarkus2000-12-171-2/+2
|
* cleanup copyright notices on all files. I have attempted to be accurate withderaadt2000-09-071-2/+7
| | | | | | | the details. everything is now under Tatu's licence (which I copied from his readme), and/or the core-sdi bsd-ish thing for deattack, or various openbsd developers under a 2-term bsd licence. We're not changing any rules, just being accurate.
* print uid/gid as unsignedderaadt2000-08-281-6/+6
|
* OpenBSD tagmarkus2000-06-201-1/+1
|
* whitespace cleanupmarkus2000-04-141-4/+4
|
* KNF, final part 3markus1999-11-241-5/+6
|
* much more KNFderaadt1999-11-241-30/+26
|
* KNF part 1markus1999-11-231-33/+28
|
* even smallerderaadt1999-09-301-32/+1
|
* i bet a lot of people didn't know what ssh 1.2.16 had a nice license.deraadt1999-09-261-0/+126
well, except for the patent issues. someone in sweden (forget their name at the moment) cleaned out most of the patented code, and now this code removes rsa code. when this is done, it will link against libssl, but the work isn't completely done yet. then we need to bring this up to modern days, featurewise.
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.