Check command line after chroot

When a command was configured with a chroot, rssh did not check the safety of the command line after chroot, allowing various vectors of remote code execution inside the chroot environment. Perform the same check after chroot as is performed before running the command when a chroot is not configured. Gbp-Pq: Name 0010-Check-command-line-after-chroot.patch
author: Russ Allbery <rra@debian.org> 2019-01-28 20:15:30 -0800
committer: Russ Allbery <rra@debian.org> 2019-02-18 18:58:27 -0800
commit: 5bf62b0b083ed12ef646f518853e8da8d25d795c (patch)
tree: e3ff2183de87bd9a604be9ba12bec699d42617ba
parent: ed1e79552f31124064f9c6f6c7913ca442563f39 (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/rssh_chroot_helper.c b/rssh_chroot_helper.c
index 8a35cdc..73d8c7b 100644
--- a/rssh_chroot_helper.c
+++ b/rssh_chroot_helper.c
@@ -218,6 +218,12 @@ int main( int argc, char **argv )
 		ch_fatal_error("build_arg_vector()", argv[2],
 				"bad expansion");
 
+	/* check the command for safety */
+	if ( !check_command_line(argvec, &opts) ){
+		fprintf(stderr, "\n");
+		exit(1);
+	}
+
 	/* 
 	 * This is the old way to figure out what program to run.  Since we're
 	 * re-parsing the config file in rssh_chroot helper, we could get rid
author	Russ Allbery <rra@debian.org>	2019-01-28 20:15:30 -0800
committer	Russ Allbery <rra@debian.org>	2019-02-18 18:58:27 -0800
commit	5bf62b0b083ed12ef646f518853e8da8d25d795c (patch)
tree	e3ff2183de87bd9a604be9ba12bec699d42617ba
parent	ed1e79552f31124064f9c6f6c7913ca442563f39 (diff)