dropbear/patches/110-change_user.patch

--- dropbear-0.51/svr-chansession.c.orig        2008-06-12 09:58:01.000000000 +0200
+++ dropbear-0.51/svr-chansession.c     2008-06-12 10:04:16.000000000 +0200
@@ -912,12 +912,12 @@
        /* We can only change uid/gid as root ... */
        if (getuid() == 0) {
 
-               if ((setgid(ses.authstate.pw_gid) < 0) ||
+               if ((ses.authstate.pw_gid != 0) && ((setgid(ses.authstate.pw_gid) < 0) ||
                        (initgroups(ses.authstate.pw_name, 
-                                               ses.authstate.pw_gid) < 0)) {
+                                               ses.authstate.pw_gid) < 0))) {
                        dropbear_exit("error changing user group");
                }
-               if (setuid(ses.authstate.pw_uid) < 0) {
+               if ((ses.authstate.pw_uid != 0) && (setuid(ses.authstate.pw_uid) < 0)) {
                        dropbear_exit("error changing user");
                }
        } else {
// Log In
// CVSweb
Project: FreeWRT
// Summary // Activity // Search // Tracker // Lists // News // SCM // Wiki
1	--- dropbear-0.51/svr-chansession.c.orig 2008-06-12 09:58:01.000000000 +0200
2	+++ dropbear-0.51/svr-chansession.c 2008-06-12 10:04:16.000000000 +0200
3	@@ -912,12 +912,12 @@
4	/* We can only change uid/gid as root ... */
5	if (getuid() == 0) {
6
7	- if ((setgid(ses.authstate.pw_gid) < 0) \|\|
8	+ if ((ses.authstate.pw_gid != 0) && ((setgid(ses.authstate.pw_gid) < 0) \|\|
9	(initgroups(ses.authstate.pw_name,
10	- ses.authstate.pw_gid) < 0)) {
11	+ ses.authstate.pw_gid) < 0))) {
12	dropbear_exit("error changing user group");
13	}
14	- if (setuid(ses.authstate.pw_uid) < 0) {
15	+ if ((ses.authstate.pw_uid != 0) && (setuid(ses.authstate.pw_uid) < 0)) {
16	dropbear_exit("error changing user");
17	}
18	} else {