bugzilla-daemon at mindrot.org
2006-Sep-24 23:59 UTC
[Bug 1235] [PATCH] scp does unnecessary getpwuid(), breaking chroot
http://bugzilla.mindrot.org/show_bug.cgi?id=1235 Summary: [PATCH] scp does unnecessary getpwuid(), breaking chroot Product: Portable OpenSSH Version: -current Platform: Other OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: scp AssignedTo: bitbucket at mindrot.org ReportedBy: m.kooijman at student.utwente.nl CC: m.kooijman at student.utwente.nl When started, scp will always call getpwuid() to retrieve information about the current user. This information is used by scp in "client mode" to determine the login name when none has been specified on the command line. scp in "server mode" (ie, when called with -t or -f) will never use the user information at all, but still requests it at startup. Though this is not strictly a bug, it does have some unwanted side effects. In particular, this creates an added dependency for running scp inside a chroot jail, since username lookups must be enabled. This means that the passwd file or the used nss libs should be present inside the jail, which might not be wanted or possible (in our case). The attached patch will simply skip the gepwuid() call when scp is called in "server mode". It has been running in our production environment for a while now. Though the patch has been created against OpenSSH 3.8 (FreeBSD 5.4), I've checked the CVS version and nothing seems to have changed that would break this patch. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2006-Sep-25 00:00 UTC
[Bug 1235] [PATCH] scp does unnecessary getpwuid(), breaking chroot
http://bugzilla.mindrot.org/show_bug.cgi?id=1235 ------- Comment #1 from m.kooijman at student.utwente.nl 2006-09-25 10:00 ------- Created an attachment (id=1187) --> (http://bugzilla.mindrot.org/attachment.cgi?id=1187&action=view) Patch for scp ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2006-Sep-25 00:06 UTC
[Bug 1235] [PATCH] scp does unnecessary getpwuid(), breaking chroot
http://bugzilla.mindrot.org/show_bug.cgi?id=1235 m.kooijman at student.utwente.nl changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #1187 is|0 |1 obsolete| | ------- Comment #2 from m.kooijman at student.utwente.nl 2006-09-25 10:06 ------- Created an attachment (id=1188) --> (http://bugzilla.mindrot.org/attachment.cgi?id=1188&action=view) Updated patch W00ps, the first patch was accidentally reversed. Here's a correct one. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
Maybe Matching Threads
- [Bug 1235] [PATCH] scp does unnecessary getpwuid(), breaking chroot
- [Bug 1235] [PATCH] scp does unnecessary getpwuid(), breaking chroot
- [Bug 1235] [PATCH] scp does unnecessary getpwuid(), breaking chroot
- [Bug 1235] [PATCH] scp does unnecessary getpwuid(), breaking chroot
- [LLVMdev] llvm-gcc builds on 32 bit linux broken