[Heimdal-source-changes] [heimdal/heimdal] f10de5: Check fcache st_uid == geteuid(), not getuid()
GitHub
noreply at github.com
Sat Oct 5 01:27:18 CEST 2013
Branch: refs/heads/master
Home: https://github.com/heimdal/heimdal
Commit: f10de508a6bfeafa1dd4f9487aa418b49a3ed2d7
https://github.com/heimdal/heimdal/commit/f10de508a6bfeafa1dd4f9487aa418b49a3ed2d7
Author: Nicolas Williams <nico at cryptonector.com>
Date: 2013-10-04 (Fri, 04 Oct 2013)
Changed paths:
M lib/krb5/fcache.c
Log Message:
-----------
Check fcache st_uid == geteuid(), not getuid()

Programs like sshd may create or access a ccache with
ruid != user's UID, euid == user's UID.

Set-uid-0 programs (ob reminder: they start life as ruid == user's UID,
euid == 0) shouldn't unintentionally access ccaches. Therefore we
shouldn't check both of ruid and euid, just euid.
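The ownership rule from the commit message above, as an added C example (this is not Heimdal's code from lib/krb5/fcache.c). The function names, the `O_NOFOLLOW` open, the regular-file requirement and the constructed UIDs 1000 (user) and 0 (root) are assumptions of this illustration.

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Policy from the commit message: the file owner must equal the caller's
 * effective UID; the real UID is deliberately not consulted.
 * The regular-file requirement is an extra assumption of this example. */
static int ccache_owner_ok(const struct stat *st, uid_t euid)
{
    return S_ISREG(st->st_mode) && st->st_uid == euid;
}

/* Open first (refusing a symlink at the final component), then fstat() the
 * descriptor so the check applies to the file that was actually opened. */
static int open_ccache_checked(const char *path)
{
    struct stat st;
    int fd = open(path, O_RDONLY | O_NOFOLLOW);
    if (fd < 0) return -1;
    if (fstat(fd, &st) != 0 || !ccache_owner_ok(&st, geteuid())) {
        close(fd);
        errno = EPERM;
        return -1;
    }
    return fd;
}

/* Constructed stat for a cache owned by `owner`, evaluated for a process
 * whose effective UID is `euid`; no real process IDs are changed. */
static int simulate(uid_t owner, uid_t euid)
{
    struct stat st;
    memset(&st, 0, sizeof st);
    st.st_mode = S_IFREG | 0600;
    st.st_uid = owner;
    return ccache_owner_ok(&st, euid);
}

int main(void)
{
    printf("sshd-like (ruid 0, euid 1000), cache of 1000: %d\n", simulate(1000, 1000));
    printf("set-uid-0 (ruid 1000, euid 0), cache of 1000: %d\n", simulate(1000, 0));
    return 0;
}
```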