################################################################################ ################################################################################ # # # Original patch by Ricardo Cerqueira # # # # Updated by James Dennis for openssh-3.7 # # # # A patch to cause sshd to chroot when it encounters the magic token # # '/./' in a users home directory. The directory portion before the # # token is the directory to chroot() to, the portion after the # # token is the user's home directory relative to the new root. # # # # Patch source using: patch -p0 < /path/to/patch # # # # Systems with a bad diff (doesn't understand -u or -N) should use gnu diff. # # Solaris may store this as gdiff under /opt/sfw/bin. I can't say much about # # other systems (unless you email me your experiences!). # # # ################################################################################ ################################################################################ diff -uNr openssh-3.7p1/session.c openssh-3.7p1-chroot/session.c --- openssh-3.7p1/session.c Mon Sep 15 21:52:19 2003 +++ openssh-3.7p1-chroot/session.c Tue Sep 16 14:23:34 2003 @@ -62,6 +62,8 @@ #include "ssh-gss.h" #endif +#define CHROOT + /* func */ Session *session_new(void); @@ -1227,6 +1229,12 @@ void do_setusercontext(struct passwd *pw) { + +#ifdef CHROOT + char *user_dir; + char *new_root; +#endif /* CHROOT */ + #ifndef HAVE_CYGWIN if (getuid() == 0 || geteuid() == 0) #endif /* HAVE_CYGWIN */ @@ -1264,6 +1272,27 @@ exit(1); } endgrent(); + +#ifdef CHROOT + user_dir = xstrdup(pw->pw_dir); + new_root = user_dir + 1; + + while((new_root = strchr(new_root, '.')) != NULL) { + new_root--; + if(strncmp(new_root, "/./", 3) == 0) { + *new_root = '\0'; + new_root += 2; + + if(chroot(user_dir) != 0) + fatal("Couldn't chroot to user directory % s", user_dir); + pw->pw_dir = new_root; + break; + } + new_root += 2; + } +#endif /* CHROOT */ + + # ifdef USE_PAM /* * PAM credentials may take the form of supplementary groups.