Check command line after chroot

When a command was configured with a chroot, rssh did not check the safety of the command line after chroot, allowing various vectors of remote code execution inside the chroot environment. Perform the same check after chroot as is performed before running the command when a chroot is not configured. Gbp-Pq: Name 0010-Check-command-line-after-chroot.patch
author: Russ Allbery <rra@debian.org> 2019-01-28 20:15:30 -0800
committer: Russ Allbery <rra@debian.org> 2019-02-02 10:59:47 -0800
commit: caadd4b68c77174ca4d024ec603498ef07779f4d (patch)
tree: 9706c298f44e44121263dbf04b0c0dc9c9eae3f4
parent: b50e97c715cce88248cfc86fc6ec89b6796eef33 (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/rssh_chroot_helper.c b/rssh_chroot_helper.c
index 8a35cdc..73d8c7b 100644
--- a/rssh_chroot_helper.c
+++ b/rssh_chroot_helper.c
@@ -218,6 +218,12 @@ int main( int argc, char **argv )
 		ch_fatal_error("build_arg_vector()", argv[2],
 				"bad expansion");
 
+	/* check the command for safety */
+	if ( !check_command_line(argvec, &opts) ){
+		fprintf(stderr, "\n");
+		exit(1);
+	}
+
 	/* 
 	 * This is the old way to figure out what program to run.  Since we're
 	 * re-parsing the config file in rssh_chroot helper, we could get rid
author	Russ Allbery <rra@debian.org>	2019-01-28 20:15:30 -0800
committer	Russ Allbery <rra@debian.org>	2019-02-02 10:59:47 -0800
commit	caadd4b68c77174ca4d024ec603498ef07779f4d (patch)
tree	9706c298f44e44121263dbf04b0c0dc9c9eae3f4
parent	b50e97c715cce88248cfc86fc6ec89b6796eef33 (diff)