From: short <> Date: Mon, 7 Mar 2005 11:45:08 +0000 (+0000) Subject: Include setuid() - script is tested now. X-Git-Url: https://git.jankratochvil.net/?p=nethome.git;a=commitdiff_plain;h=1f9d6e0616387476a379fbff3aa06c31af116090 Include setuid() - script is tested now. --- diff --git a/src/sftpchroot.pl b/src/sftpchroot.pl index a4f8ed4..07cc10a 100755 --- a/src/sftpchroot.pl +++ b/src/sftpchroot.pl @@ -7,10 +7,14 @@ use strict; use warnings; my $CMD="/usr/libexec/openssh/sftp-server"; -my $PATH="/tmp"; +my $PATH="/FIXME"; +my $UID=FIXME; %ENV=(); # Prevent: Insecure $ENV{PATH} while running with -T switch chroot $PATH or die "chroot: $PATH: $!"; +($<,$>)=($UID,$UID); +$<==$UID or die "real UID==$<, expected $UID"; +$>==$UID or die "EUID==$>, expected $UID"; chdir "/" or die "chdir: $!"; exec $CMD; die "$CMD: $!";