-Index: dropbear-0.49/svr-chansession.c
+Index: dropbear-0.52/svr-chansession.c
===================================================================
---- dropbear-0.49.orig/svr-chansession.c 2007-06-04 13:21:39.455978448 +0200
-+++ dropbear-0.49/svr-chansession.c 2007-06-04 13:21:39.751933456 +0200
-@@ -908,12 +908,12 @@
+--- dropbear-0.52.orig/svr-chansession.c 2008-04-22 17:29:49.000000000 -0700
++++ dropbear-0.52/svr-chansession.c 2008-04-22 17:29:49.000000000 -0700
+@@ -852,12 +852,12 @@
/* We can only change uid/gid as root ... */
if (getuid() == 0) {
-- if ((setgid(ses.authstate.pw->pw_gid) < 0) ||
-+ if ((ses.authstate.pw->pw_gid != 0) && ((setgid(ses.authstate.pw->pw_gid) < 0) ||
- (initgroups(ses.authstate.pw->pw_name,
-- ses.authstate.pw->pw_gid) < 0)) {
-+ ses.authstate.pw->pw_gid) < 0))) {
+- if ((setgid(ses.authstate.pw_gid) < 0) ||
++ if ((ses.authstate.pw_gid != 0) && ((setgid(ses.authstate.pw_gid) < 0) ||
+ (initgroups(ses.authstate.pw_name,
+- ses.authstate.pw_gid) < 0)) {
++ ses.authstate.pw_gid) < 0))) {
dropbear_exit("error changing user group");
}
-- if (setuid(ses.authstate.pw->pw_uid) < 0) {
-+ if ((ses.authstate.pw->pw_uid != 0) && (setuid(ses.authstate.pw->pw_uid) < 0)) {
+- if (setuid(ses.authstate.pw_uid) < 0) {
++ if ((ses.authstate.pw_uid != 0) && (setuid(ses.authstate.pw_uid) < 0)) {
dropbear_exit("error changing user");
}
} else {