On Mon, Jun 04, 2001 at 12:25:54PM +0200, Corinna Vinschen
wrote:> Hi,
>
> I have added calls to `check_ntsec()' to the code which checks
> for the ownership and modes of identity files and directories.
> As you might know, check_ntsec() tests if owner/modes are
> supported by the OS (9x/ME=no, NT/W2K=yes), the filesystem
> (FAT/FAT32=no, NTFS=yes) and the current Cygwin settings
> (ntea/ntsec).
My patch wasn't relative to the latest sources. Sorry 'bout that.
The below patch now should apply cleanly to the current version
in CVS.
Corinna
Index: auth-rhosts.c
==================================================================RCS file:
/cvs/openssh_cvs/auth-rhosts.c,v
retrieving revision 1.17
diff -u -p -r1.17 auth-rhosts.c
--- auth-rhosts.c 2001/04/12 23:34:35 1.17
+++ auth-rhosts.c 2001/06/08 15:28:28
@@ -228,6 +228,9 @@ auth_rhosts2(struct passwd *pw, const ch
pw->pw_name, pw->pw_dir);
return 0;
}
+#ifdef HAVE_CYGWIN
+ if (check_ntsec(pw->pw_dir))
+#endif
if (options.strict_modes &&
((st.st_uid != 0 && st.st_uid != pw->pw_uid) ||
(st.st_mode & 022) != 0)) {
Index: auth-rsa.c
==================================================================RCS file:
/cvs/openssh_cvs/auth-rsa.c,v
retrieving revision 1.32
diff -u -p -r1.32 auth-rsa.c
--- auth-rsa.c 2001/06/05 20:25:05 1.32
+++ auth-rsa.c 2001/06/08 15:28:28
@@ -158,6 +158,9 @@ auth_rsa(struct passwd *pw, BIGNUM *clie
xfree(file);
return 0;
}
+#ifdef HAVE_CYGWIN
+ if (check_ntsec(file))
+#endif
if (options.strict_modes &&
secure_filename(f, file, pw->pw_uid, line, sizeof(line)) != 0) {
xfree(file);
Index: auth2.c
==================================================================RCS file:
/cvs/openssh_cvs/auth2.c,v
retrieving revision 1.61
diff -u -p -r1.61 auth2.c
--- auth2.c 2001/06/05 20:25:06 1.61
+++ auth2.c 2001/06/08 15:28:28
@@ -698,6 +698,9 @@ user_key_allowed(struct passwd *pw, Key
xfree(file);
return 0;
}
+#ifdef HAVE_CYGWIN
+ if (check_ntsec(file))
+#endif
if (options.strict_modes &&
secure_filename(f, file, pw->pw_uid, line, sizeof(line)) != 0) {
xfree(file);
--
Corinna Vinschen
Cygwin Developer
Red Hat, Inc.
mailto:vinschen at redhat.com