diff options
Diffstat (limited to 'regress/test-exec.sh')
-rw-r--r-- | regress/test-exec.sh | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/regress/test-exec.sh b/regress/test-exec.sh index 114e129f20fa7..1b6526d0bbf3c 100644 --- a/regress/test-exec.sh +++ b/regress/test-exec.sh @@ -1,4 +1,4 @@ -# $OpenBSD: test-exec.sh,v 1.51 2015/03/03 22:35:19 markus Exp $ +# $OpenBSD: test-exec.sh,v 1.53 2016/04/15 02:57:10 djm Exp $ # Placed in the Public Domain. #SUDO=sudo @@ -221,6 +221,7 @@ echo "#!/bin/sh" > $SSHLOGWRAP echo "exec ${SSH} -E${TEST_SSH_LOGFILE} "'"$@"' >>$SSHLOGWRAP chmod a+rx $OBJ/ssh-log-wrapper.sh +REAL_SSH="$SSH" SSH="$SSHLOGWRAP" # Some test data. We make a copy because some tests will overwrite it. @@ -411,6 +412,13 @@ cat << EOF > $OBJ/sshd_config Subsystem sftp $SFTPSERVER EOF +# This may be necessary if /usr/src and/or /usr/obj are group-writable, +# but if you aren't careful with permissions then the unit tests could +# be abused to locally escalate privileges. +if [ ! -z "$TEST_SSH_UNSAFE_PERMISSIONS" ]; then + echo "StrictModes no" >> $OBJ/sshd_config +fi + if [ ! -z "$TEST_SSH_SSHD_CONFOPTS" ]; then trace "adding sshd_config option $TEST_SSH_SSHD_CONFOPTS" echo "$TEST_SSH_SSHD_CONFOPTS" >> $OBJ/sshd_config |