DL-Mirrors/termux-packages
0
0
Fork 1
mirror of https://github.com/termux-pacman/termux-packages.git synced 2025-12-28 22:50:12 +00:00
Code Issues Packages Projects Releases Wiki Activity

openssh: Do not call setres{g,u}id for subprocess

Browse Source 
Fixes https://github.com/termux/termux-packages/issues/15632
This commit is contained in:
termux-pacman-bot
2023-03-13 22:32:30 +00:00
parent baca3379cc
commit dfa2932543
2 changed files with 21 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
packages/openssh/build.sh
View File

@@ -3,6 +3,7 @@ TERMUX_PKG_DESCRIPTION="Secure shell for logging into a remote machine"
TERMUX_PKG_LICENSE="BSD"
TERMUX_PKG_MAINTAINER="@termux"
TERMUX_PKG_VERSION=9.2p1
TERMUX_PKG_REVISION=1
TERMUX_PKG_SRCURL=https://fastly.cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${TERMUX_PKG_VERSION}.tar.gz
TERMUX_PKG_SHA256=3f66dbf1655fb45f50e1c56da62ab01218c228807b21338d634ebcdf9d71cf46
TERMUX_PKG_DEPENDS="krb5, ldns, libandroid-support, libedit, openssh-sftp-server, openssl, termux-auth, zlib"

20
packages/openssh/no_priv_drop.patch Normal file
View File

@@ -0,0 +1,20 @@
https://github.com/termux/termux-packages/issues/15632
--- a/misc.c
+++ b/misc.c
@@ -2749,6 +2749,7 @@ subprocess(const char *tag, const char *
pw->pw_name, (u_int)pw->pw_gid, strerror(errno));
_exit(1);
}
+#ifndef __ANDROID__
if (setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) == -1) {
error("%s: setresgid %u: %s", tag, (u_int)pw->pw_gid,
strerror(errno));
@@ -2759,6 +2760,7 @@ subprocess(const char *tag, const char *
strerror(errno));
_exit(1);
}
+#endif
/* stdin is pointed to /dev/null at this point */
if ((flags & SSH_SUBPROCESS_STDOUT_DISCARD) != 0 &&
dup2(STDIN_FILENO, STDERR_FILENO) == -1) {