fixed 350889 1.0.21-1 thanks Hi, referring to upstream changelog for 1.0.21: " By popular request, even non-chrooted users are now denied access if their home directory is not mounted."
Looking at the source code this seems to be right:
1.0.19-4:
1578 } else {
1579 (void) free(root_directory);
1580 root_directory = (char *) "/";
1581 if (create_home_and_chdir(authresult.dir)) {
1582 /* non-chrooted users can see everything, so let them
1583 in anyway */
1584 if (userchroot == 0) {
1585 addreply(0, MSG_NO_HOMEDIR2 " [%s].",
1586 authresult.dir, strerror(errno));
1587 addreply_noformat(0, MSG_START_SLASH);
1588 chdir("/");
1589 } else {
1590 die(421, LOG_ERR, MSG_NO_HOMEDIR);
1591 }
1592 }
1.0.21-11:
1649 } else {
1650 (void) free(root_directory);
1651 root_directory = (char *) "/";
1652 if (create_home_and_chdir(authresult.dir)) {
1653 die(421, LOG_ERR, MSG_NO_HOMEDIR);
1654 }
1655 }
So looks like only oldstable is affected.
Feel free to close the bug.
Kind regards
Nico
--
Nico Golde - http://ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
pgp9v11kiNZ8b.pgp
Description: PGP signature

