? lib/obj
? scp/obj
? sftp/obj
? sftp-server/obj
? ssh/obj
? ssh-add/obj
? ssh-agent/obj
? ssh-keygen/obj
? ssh-keyscan/obj
? ssh-keysign/obj
? ssh-pkcs11-helper/obj
? sshd/obj
Index: clientloop.c
===================================================================
RCS file: /cvs/src/usr.bin/ssh/clientloop.c,v
retrieving revision 1.284
diff -u -p -r1.284 clientloop.c
--- clientloop.c        8 Feb 2016 10:57:07 -0000       1.284
+++ clientloop.c        25 Feb 2016 05:35:28 -0000
@@ -1497,6 +1497,7 @@ client_loop(int have_pty, int escape_cha

       debug("Entering interactive session.");

+#if 0
       if (options.control_master &&
           ! option_clear_or_none(options.control_path)) {
               debug("pledge: id");
@@ -1526,7 +1527,7 @@ client_loop(int have_pty, int escape_cha
               if (pledge("stdio unix inet dns tty", NULL) == -1)
                       fatal("%s pledge(): %s", __func__, strerror(errno));
       }
-
+#endif
       start_time = get_current_time();

       /* Initialize variables. */
Index: mux.c
===================================================================
RCS file: /cvs/src/usr.bin/ssh/mux.c,v
retrieving revision 1.58
diff -u -p -r1.58 mux.c
--- mux.c       13 Jan 2016 23:04:47 -0000      1.58
+++ mux.c       25 Feb 2016 05:35:29 -0000
@@ -1872,8 +1872,10 @@ mux_client_request_session(int fd)
       }
       muxclient_request_id++;

+#if 0
       if (pledge("stdio proc tty", NULL) == -1)
               fatal("%s pledge(): %s", __func__, strerror(errno));
+#endif

       signal(SIGHUP, control_client_sighandler);
       signal(SIGINT, control_client_sighandler);
@@ -1982,8 +1984,10 @@ mux_client_request_stdio_fwd(int fd)
           mm_send_fd(fd, STDOUT_FILENO) == -1)
               fatal("%s: send fds failed", __func__);

+#if 0
       if (pledge("stdio proc tty", NULL) == -1)
               fatal("%s pledge(): %s", __func__, strerror(errno));
+#endif

       debug3("%s: stdio forward request sent", __func__);

Index: scp.c
===================================================================
RCS file: /cvs/src/usr.bin/ssh/scp.c,v
retrieving revision 1.184
diff -u -p -r1.184 scp.c
--- scp.c       27 Nov 2015 00:49:31 -0000      1.184
+++ scp.c       25 Feb 2016 05:35:30 -0000
@@ -463,6 +463,7 @@ main(int argc, char **argv)
       if (!isatty(STDOUT_FILENO))
               showprogress = 0;

+#if 0
       if (pflag) {
               /* Cannot pledge: -p allows setuid/setgid files... */
       } else {
@@ -472,6 +473,7 @@ main(int argc, char **argv)
                       exit(1);
               }
       }
+#endif

       remin = STDIN_FILENO;
       remout = STDOUT_FILENO;
Index: ssh-agent.c
===================================================================
RCS file: /cvs/src/usr.bin/ssh/ssh-agent.c,v
retrieving revision 1.212
diff -u -p -r1.212 ssh-agent.c
--- ssh-agent.c 15 Feb 2016 09:47:49 -0000      1.212
+++ ssh-agent.c 25 Feb 2016 05:35:30 -0000
@@ -1385,8 +1385,10 @@ skip:
       signal(SIGTERM, cleanup_handler);
       nalloc = 0;

+#if 0
       if (pledge("stdio cpath unix id proc exec", NULL) == -1)
               fatal("%s: pledge: %s", __progname, strerror(errno));
+#endif

       while (1) {
               prepare_select(&readsetp, &writesetp, &max_fd, &nalloc, &tvp);
Index: ssh-keysign.c
===================================================================
RCS file: /cvs/src/usr.bin/ssh/ssh-keysign.c,v
retrieving revision 1.52
diff -u -p -r1.52 ssh-keysign.c
--- ssh-keysign.c       15 Feb 2016 09:47:49 -0000      1.52
+++ ssh-keysign.c       25 Feb 2016 05:35:30 -0000
@@ -170,8 +170,10 @@ main(int argc, char **argv)
       size_t slen, dlen;

       ssh_malloc_init();      /* must be called before any mallocs */
+#if 0
       if (pledge("stdio rpath getpw dns id", NULL) != 0)
               fatal("%s: pledge: %s", __progname, strerror(errno));
+#endif

       /* Ensure that stdin and stdout are connected */
       if ((fd = open(_PATH_DEVNULL, O_RDWR)) < 2)
@@ -233,8 +235,10 @@ main(int argc, char **argv)
       if (!found)
               fatal("no hostkey found");

+#if 0
       if (pledge("stdio dns", NULL) != 0)
               fatal("%s: pledge: %s", __progname, strerror(errno));
+#endif

       if ((b = sshbuf_new()) == NULL)
               fatal("%s: sshbuf_new failed", __progname);
Index: sshd/Makefile
===================================================================
RCS file: /cvs/src/usr.bin/ssh/sshd/Makefile,v
retrieving revision 1.88
diff -u -p -r1.88 Makefile
--- sshd/Makefile       14 Jan 2016 16:17:40 -0000      1.88
+++ sshd/Makefile       25 Feb 2016 05:35:30 -0000
@@ -17,7 +17,7 @@ SRCS= sshd.c auth-rhosts.c auth-passwd.c
       auth2-none.c auth2-passwd.c auth2-pubkey.c \
       monitor_mm.c monitor.c monitor_wrap.c \
       sftp-server.c sftp-common.c \
-       sandbox-pledge.c
+       sandbox-systrace.c

.if (${SSH1:L} == "yes")
SRCS+= auth-rsa.c auth-rh-rsa.c auth1.c

You are viewing proxied material from ftp.icm.edu.pl. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.