From f8edf08c258ee2918689872c4702302052729726 Mon Sep 17 00:00:00 2001
From: Damien Miller <djm@mindrot.org>
Date: Mon, 14 Oct 2024 14:49:25 +1100
Subject: there's only one sandbox, move to a static global

---
 sshd-auth.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

(limited to 'sshd-auth.c')

diff --git a/sshd-auth.c b/sshd-auth.c
index 577470676..52bbd0b9a 100644
--- a/sshd-auth.c
+++ b/sshd-auth.c
@@ -163,6 +163,10 @@ static void do_ssh2_kex(struct ssh *);
 /* Unprivileged user */
 struct passwd *privsep_pw = NULL;
 
+#ifndef HAVE_PLEDGE
+static struct ssh_sandbox *box;
+#endif
+
 /* XXX stub */
 int
 mm_is_monitor(void)
@@ -174,9 +178,8 @@ static void
 privsep_child_demote(void)
 {
 	gid_t gidset[1];
-#ifndef HAVE_PLEDGE
-	struct ssh_sandbox *box = NULL;
 
+#ifndef HAVE_PLEDGE
 	if ((box = ssh_sandbox_init(pmonitor)) == NULL)
 		fatal_f("ssh_sandbox_init failed");
 #endif
-- 
cgit v1.2.3