dropbear: update to 2013.59 (released 4 october 2013)
[openwrt.git] / package / network / services / dropbear / patches / 110-change_user.patch
1 --- a/svr-chansession.c
2 +++ b/svr-chansession.c
3 @@ -889,12 +889,12 @@ static void execchild(void *user_data) {
4         /* We can only change uid/gid as root ... */
5         if (getuid() == 0) {
6  
7 -               if ((setgid(ses.authstate.pw_gid) < 0) ||
8 +               if ((ses.authstate.pw_gid != 0) && ((setgid(ses.authstate.pw_gid) < 0) ||
9                         (initgroups(ses.authstate.pw_name, 
10 -                                               ses.authstate.pw_gid) < 0)) {
11 +                                               ses.authstate.pw_gid) < 0))) {
12                         dropbear_exit("Error changing user group");
13                 }
14 -               if (setuid(ses.authstate.pw_uid) < 0) {
15 +               if ((ses.authstate.pw_uid != 0) && (setuid(ses.authstate.pw_uid) < 0)) {
16                         dropbear_exit("Error changing user");
17                 }
18         } else {