CVE-2015-6565 openssh: Incorrectly set TTYs to be world-writable
fix pty permissions; patch from Nikolay Edigaryev; ok deraadt
Upstream-Status: Backport
merged two changes into one.
[1] https://anongit.mindrot.org/openssh.git/commit/sshpty.c?id=a5883d4eccb94b16c355987f58f86a7dee17a0c2
tighten permissions on pty when the "tty" group does not exist; pointed out by Corinna Vinschen; ok markus
[2] https://anongit.mindrot.org/openssh.git/commit/sshpty.c?id=6f941396b6835ad18018845f515b0c4fe20be21a
fix pty permissions; patch from Nikolay Edigaryev; ok deraadt
Signed-off-by: Armin Kuster <akuster@mvista.com>
Index: openssh-6.7p1/sshpty.c
===================================================================
--- openssh-6.7p1.orig/sshpty.c
+++ openssh-6.7p1/sshpty.c
@@ -196,13 +196,8 @@ pty_setowner(struct passwd *pw, const ch
/* Determine the group to make the owner of the tty. */
grp = getgrnam("tty");
- if (grp) {
- gid = grp->gr_gid;
- mode = S_IRUSR | S_IWUSR | S_IWGRP;
- } else {
- gid = pw->pw_gid;
- mode = S_IRUSR | S_IWUSR | S_IWGRP | S_IWOTH;
- }
+ gid = (grp != NULL) ? grp->gr_gid : pw->pw_gid;
+ mode = (grp != NULL) ? 0620 : 0600;
/*
* Change owner and mode of the tty as required.
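Review bot: The new `mode = (grp != NULL) ? 0620 : 0600;` line has no comment explaining why the two cases differ, and the existing comment above `getgrnam("tty")` only covers the group choice. The removed lines show that the "tty" group branch was already `S_IRUSR | S_IWUSR | S_IWGRP` (0620), so the only behavioural change is in the fallback, where `S_IWGRP | S_IWOTH` is dropped and the tty goes from 0622 to 0600 when it is owned by `pw->pw_gid`. A one-line comment stating that group write is granted only when a dedicated "tty" group exists would keep a later edit from reintroducing it. As a style point, the surrounding code used the `S_I*` macros; either form is fine, but the octal literals deserve that comment since they no longer name the bits being granted.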