# HG changeset patch
# User Matt Johnston <matt@ucc.asn.au>
# Date 1494346821 -28800
# Node ID 0d889b06812398324442eac299df0ad49d39724a
# Parent  a4878e9aa73a1010e5419c4c5a88189031573e50
switch user when opening authorized_keys

diff -r a4878e9aa73a -r 0d889b068123 svr-authpubkey.c
--- a/svr-authpubkey.c	Thu Jul 21 23:20:25 2016 +0800
+++ b/svr-authpubkey.c	Wed May 10 00:20:21 2017 +0800
@@ -201,6 +201,8 @@
 	unsigned int len, pos;
 	buffer * options_buf = NULL;
 	int line_num;
+	uid_t origuid;
+	gid_t origgid;
 
 	TRACE(("enter checkpubkey"))
 
@@ -227,8 +229,21 @@
 	snprintf(filename, len + 22, "%s/.ssh/authorized_keys", 
 				ses.authstate.pw_dir);
 
-	/* open the file */
+	/* open the file as the authenticating user. */
+	origuid = getuid();
+	origgid = getgid();
+	if ((setegid(ses.authstate.pw_gid)) < 0 ||
+		(seteuid(ses.authstate.pw_uid)) < 0) {
+		dropbear_exit("Failed to set euid");
+	}
+
 	authfile = fopen(filename, "r");
+
+	if ((seteuid(origuid)) < 0 ||
+		(setegid(origgid)) < 0) {
+		dropbear_exit("Failed to revert euid");
+	}
+
 	if (authfile == NULL) {
 		goto out;
 	}