From: Damien Miller <djm@mindrot.org>
Date: Mon, 14 Oct 2024 03:49:25 +0000 (+1100)
Subject: there's only one sandbox, move to a static global
X-Git-Tag: V_10_0_P1~188
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f8edf08c258ee2918689872c4702302052729726;p=thirdparty%2Fopenssh-portable.git

there's only one sandbox, move to a static global
---

diff --git a/sshd-auth.c b/sshd-auth.c
index 577470676..52bbd0b9a 100644
--- a/sshd-auth.c
+++ b/sshd-auth.c
@@ -163,6 +163,10 @@ static void do_ssh2_kex(struct ssh *);
 /* Unprivileged user */
 struct passwd *privsep_pw = NULL;
 
+#ifndef HAVE_PLEDGE
+static struct ssh_sandbox *box;
+#endif
+
 /* XXX stub */
 int
 mm_is_monitor(void)
@@ -174,9 +178,8 @@ static void
 privsep_child_demote(void)
 {
 	gid_t gidset[1];
-#ifndef HAVE_PLEDGE
-	struct ssh_sandbox *box = NULL;
 
+#ifndef HAVE_PLEDGE
 	if ((box = ssh_sandbox_init(pmonitor)) == NULL)
 		fatal_f("ssh_sandbox_init failed");
 #endif