git://git.jankratochvil.net
/
nethome.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
bin/mocksetup: /var/cache/mock: -u: Fix.
[nethome.git]
/
src
/
sftpchroot.pl
diff --git
a/src/sftpchroot.pl
b/src/sftpchroot.pl
index
a4f8ed4
..
07cc10a
100755
(executable)
--- a/
src/sftpchroot.pl
+++ b/
src/sftpchroot.pl
@@
-7,10
+7,14
@@
use strict;
use warnings;
my $CMD="/usr/libexec/openssh/sftp-server";
use warnings;
my $CMD="/usr/libexec/openssh/sftp-server";
-my $PATH="/tmp";
+my $PATH="/FIXME";
+my $UID=FIXME;
%ENV=(); # Prevent: Insecure $ENV{PATH} while running with -T switch
chroot $PATH or die "chroot: $PATH: $!";
%ENV=(); # Prevent: Insecure $ENV{PATH} while running with -T switch
chroot $PATH or die "chroot: $PATH: $!";
+($<,$>)=($UID,$UID);
+$<==$UID or die "real UID==$<, expected $UID";
+$>==$UID or die "EUID==$>, expected $UID";
chdir "/" or die "chdir: $!";
exec $CMD;
die "$CMD: $!";
chdir "/" or die "chdir: $!";
exec $CMD;
die "$CMD: $!";