rpms/openssh
7
0
Fork 1
Code Issues Pull Requests Releases Activity

the private keys may be 640 root:ssh_keys ssh_keysign is sgid

Browse Source
This commit is contained in:
Jan F 2011-04-21 23:27:01 +02:00
parent 1ddd0ee5d7
commit a8dc50b17f
2 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
openssh-5.8p1-keyperm.patch
View File

@ -17,7 +17,7 @@ diff -up openssh-5.8p1/authfile.c.keyperm openssh-5.8p1/authfile.c
+ struct group *gr;
+
+ if ((gr = getgrnam("ssh_keys")) && (st.st_gid == gr->gr_gid))
+ st.st_mode &= ~040;
+ st.st-mode &= ~040;
+ }
+
if ((st.st_uid == getuid()) && (st.st_mode & 077) != 0) {

3
openssh.spec
View File

@ -147,8 +147,9 @@ Patch34: openssh-5.8p1-kuserok.patch
Patch35: openssh-5.8p1-glob.patch
#https://bugzilla.mindrot.org/show_bug.cgi?id=1891
Patch36: openssh-5.8p1-pwchange.patch
#?
#https://bugzilla.mindrot.org/show_bug.cgi?id=1893
Patch37: openssh-5.8p1-keyperm.patch
#?
Patch50: openssh-5.8p1-fips.patch
#https://bugzilla.mindrot.org/show_bug.cgi?id=1789