diff options
author | des <des@FreeBSD.org> | 2013-03-13 09:41:55 +0000 |
---|---|---|
committer | des <des@FreeBSD.org> | 2013-03-13 09:41:55 +0000 |
commit | 1e99f9b1455315f445d71a02aa21482c6507b87a (patch) | |
tree | ef25501300b99ca615e48d931b6ab5afddd0e7c0 /crypto/openssh/session.c | |
parent | 06e9d2ec10271583cf18d3254fcbe6aa782acc1f (diff) | |
download | FreeBSD-src-1e99f9b1455315f445d71a02aa21482c6507b87a.zip FreeBSD-src-1e99f9b1455315f445d71a02aa21482c6507b87a.tar.gz |
Unlike OpenBSD's, our setusercontext() will intentionally ignore the user's
own umask setting (from ~/.login.conf) unless running with the user's UID.
Therefore, we need to call it again with LOGIN_SETUMASK after changing UID.
PR: bin/176740
Submitted by: John Marshall <john.marshall@riverwillow.com.au>
MFC after: 1 week
Diffstat (limited to 'crypto/openssh/session.c')
-rw-r--r-- | crypto/openssh/session.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/crypto/openssh/session.c b/crypto/openssh/session.c index 57a3e18..82913ff 100644 --- a/crypto/openssh/session.c +++ b/crypto/openssh/session.c @@ -1533,6 +1533,12 @@ do_setusercontext(struct passwd *pw) perror("unable to set user context (setuser)"); exit(1); } + + /* + * FreeBSD's setusercontext() will not apply the user's + * own umask setting unless running with the user's UID. + */ + setusercontext(lc, pw, pw->pw_uid, LOGIN_SETUMASK); #else /* Permanently switch to the desired uid. */ permanently_set_uid(pw); |