################################################################################ ################################################################################ # # # Original patch by Ricardo Cerqueira # # # # Updated by James Dennis for openssh-3.6.1 # # # # A patch to cause sshd to chroot when it encounters the magic token # # '/./' in a users home directory. The directory portion before the # # token is the directory to chroot() to, the portion after the # # token is the user's home directory relative to the new root. # # # # Patch source using: patch -p0 < /path/to/patch # # # # Systems with a bad diff (doesn't understand -u or -N) should use gnu diff. # # Solaris may store this as gdiff under /opt/sfw/bin. I can't say much about # # other systems (unless you email me your experiences!). # # # ################################################################################ ################################################################################ diff -uNr openssh-3.6.1p1/session.c openssh-3.6.1p1-chroot/session.c --- openssh-3.6.1p1/session.c Thu Mar 20 20:18:09 2003 +++ openssh-3.6.1p1-chroot/session.c Fri Apr 4 12:42:22 2003 @@ -58,6 +58,8 @@ #include "session.h" #include "monitor_wrap.h" +#define CHROOT + #ifdef HAVE_CYGWIN #include #include @@ -1206,6 +1208,12 @@ void do_setusercontext(struct passwd *pw) { + +#ifdef CHROOT + char *user_dir; + char *new_root; +#endif /* CHROOT */ + #ifndef HAVE_CYGWIN if (getuid() == 0 || geteuid() == 0) #endif /* HAVE_CYGWIN */ @@ -1242,6 +1250,26 @@ exit(1); } endgrent(); + +#ifdef CHROOT + user_dir = xstrdup(pw->pw_dir); + new_root = user_dir + 1; + + while((new_root = strchr(new_root, '.')) != NULL) { + new_root--; + if(strncmp(new_root, "/./", 3) == 0) { + *new_root = '\0'; + new_root += 2; + + if(chroot(user_dir) != 0) + fatal("Couldn't chroot to user directory %s", user_dir); + pw->pw_dir = new_root; + break; + } + new_root += 2; + } +#endif /* CHROOT */ + # ifdef USE_PAM /* * PAM credentials may take the form of supplementary groups.