2010-03-26 16:28:14 +02:00
|
|
|
--- a/svr-chansession.c
|
|
|
|
+++ b/svr-chansession.c
|
2012-12-04 18:40:17 +02:00
|
|
|
@@ -891,12 +891,12 @@ static void execchild(void *user_data) {
|
2005-03-06 05:53:29 +02:00
|
|
|
/* We can only change uid/gid as root ... */
|
|
|
|
if (getuid() == 0) {
|
|
|
|
|
2008-07-24 08:24:52 +03:00
|
|
|
- if ((setgid(ses.authstate.pw_gid) < 0) ||
|
|
|
|
+ if ((ses.authstate.pw_gid != 0) && ((setgid(ses.authstate.pw_gid) < 0) ||
|
|
|
|
(initgroups(ses.authstate.pw_name,
|
|
|
|
- ses.authstate.pw_gid) < 0)) {
|
|
|
|
+ ses.authstate.pw_gid) < 0))) {
|
2011-03-02 16:20:51 +02:00
|
|
|
dropbear_exit("Error changing user group");
|
2005-10-20 16:55:42 +03:00
|
|
|
}
|
2008-07-24 08:24:52 +03:00
|
|
|
- if (setuid(ses.authstate.pw_uid) < 0) {
|
|
|
|
+ if ((ses.authstate.pw_uid != 0) && (setuid(ses.authstate.pw_uid) < 0)) {
|
2011-03-02 16:20:51 +02:00
|
|
|
dropbear_exit("Error changing user");
|
2005-03-06 05:53:29 +02:00
|
|
|
}
|
|
|
|
} else {
|