https://bugzilla.mindrot.org/show_bug.cgi?id=2440
--- Comment #4 from [email protected] --- Recently, we discovered that the original code changes for this enhancement would not work if UsePrivilegeSeparation is set to NO. We fixed the problem with the following code changes: -------------------------------------------------------------------- --- old/session.c Mon Apr 25 15:33:39 2016 +++ new/session.c Mon Apr 25 15:37:31 2016 @@ -2241,6 +2241,7 @@ * means that we won't set XAUTHORITY variable in child's environment * and xauth(1) will use the default location for the authority file. */ + temporarily_use_uid(s->pw); if (mkdtemp(xauthdir) != NULL) { s->auth_file = xmalloc(MAXPATHLEN); snprintf(s->auth_file, MAXPATHLEN, "%s/xauthfile", @@ -2273,6 +2274,7 @@ "authority file: %.100s; will use the default xauth file", strerror(errno)); } + restore_uid(); #endif return success; } ----------------------------------------------------------------------- A new patch file was attached also, which applies to OpenSSH 7.2p2. -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug. _______________________________________________ openssh-bugs mailing list [email protected] https://lists.mindrot.org/mailman/listinfo/openssh-bugs
