WolfSSL
/
wolfssh
mirror of https://github.com/wolfSSL/wolfssh.git
1
0
Fork 0
Code Issues Releases Wiki Activity

adjust chdir in the case of chroot

pull/441/head
JacobBarthelmeh 2022-09-01 10:18:01 -07:00
parent d4c5bb4c2f
commit c4efae1f5d
1 changed files with 18 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
apps/wolfsshd/wolfsshd.c
View File

@ -463,6 +463,19 @@ static int SHELL_Subsystem(WOLFSSHD_CONNECTION* conn, WOLFSSH* ssh,
return WS_FATAL_ERROR; return WS_FATAL_ERROR;
} }
else if (rc == 1) {
rc = chdir("/");
if (rc != 0) {
wolfSSH_Log(WS_LOG_ERROR,
"[SSHD] Error going to / after chroot");
if (wolfSSHD_AuthReducePermissions(conn->auth) != WS_SUCCESS) {
/* stop everything if not able to reduce permissions level */
exit(1);
}
return WS_FATAL_ERROR;
}
}
if (wolfSSHD_AuthReducePermissionsUser(conn->auth, pPasswd->pw_uid, if (wolfSSHD_AuthReducePermissionsUser(conn->auth, pPasswd->pw_uid,
pPasswd->pw_gid) != WS_SUCCESS) { pPasswd->pw_gid) != WS_SUCCESS) {
@ -478,13 +491,11 @@ static int SHELL_Subsystem(WOLFSSHD_CONNECTION* conn, WOLFSSH* ssh,
setenv("HOME", pPasswd->pw_dir, 1); setenv("HOME", pPasswd->pw_dir, 1);
setenv("LOGNAME", pPasswd->pw_name, 1); setenv("LOGNAME", pPasswd->pw_name, 1);
/* if chroot was not used then try to change to users direcotry */
if (rc == 0) {
rc = chdir(pPasswd->pw_dir); rc = chdir(pPasswd->pw_dir);
if (rc != 0) { if (rc != 0) {
wolfSSH_Log(WS_LOG_ERROR, "[SSHD] Error going to user home dir"); /* not error'ing out if unable to find home directory */
return WS_FATAL_ERROR; wolfSSH_Log(WS_LOG_ERROR, "[SSHD] Error going to user home dir %s",
} pPasswd->pw_dir);
} }
/* default to /bin/sh if user shell is not set */ /* default to /bin/sh if user shell is not set */