ClearML/dropbear
1
0
Fork 0
mirror of https://github.com/clearml/dropbear synced 2025-01-31 02:46:58 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Allow users's own gid in pty permission check

Browse Source 
This allows non-root Dropbear to work even without devpts gid=5 mount
option on Linux.
This commit is contained in:
Matt Johnston 2022-12-07 13:04:10 +08:00
parent c043efb47c
commit 8607215588
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
sshpty.c
View File

@ -380,7 +380,9 @@ pty_setowner(struct passwd *pw, const char *tty_name)
tty_name, strerror(errno)); tty_name, strerror(errno));
} }
if (st.st_uid != pw->pw_uid || st.st_gid != gid) { /* Allow either "tty" gid or user's own gid. On Linux with openpty()
* this varies depending on the devpts mount options */
if (st.st_uid != pw->pw_uid || !(st.st_gid == gid || st.st_gid == pw->pw_gid)) {
if (chown(tty_name, pw->pw_uid, gid) < 0) { if (chown(tty_name, pw->pw_uid, gid) < 0) {
if (errno == EROFS && if (errno == EROFS &&
(st.st_uid == pw->pw_uid || st.st_uid == 0)) { (st.st_uid == pw->pw_uid || st.st_uid == 0)) {