bugzilla-daemon at mindrot.org
2021-Mar-11 01:36 UTC
[Bug 3277] New: Global ssh_config file permissions are not checked.
https://bugzilla.mindrot.org/show_bug.cgi?id=3277

Bug ID: 3277
Summary: Global ssh_config file permissions are not checked.
Product: Portable OpenSSH
Version: 8.5p1
Hardware: Other
OS: Windows 10
Status: NEW
Severity: normal
Priority: P5
Component: ssh
Assignee: unassigned-bugs at mindrot.org
Reporter: balu.gajjala at gmail.com

This is a rare situation but it can happen by mistake.
Global ssh_config is not checked for the right file permissions. If a root user accidentally gives write permissions to non-root users then it leads to undesirable behavior.

It's a single line change to add "SSHCONF_CHECKPERM" flag while calling read_config_file().
https://github.com/openssh/openssh-portable/blob/2421a567a8862fe5102a4e7d60003ebffd1313dd/ssh.c#L585

--
You are receiving this mail because:
You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2021-Mar-11 10:57 UTC
[Bug 3277] Global ssh_config file permissions are not checked.
https://bugzilla.mindrot.org/show_bug.cgi?id=3277

Darren Tucker <dtucker at dtucker.net> changed:

What    |Removed |Added
----------------------------------------------------------------------------
Blocks  |        |3270
CC      |        |dtucker at dtucker.net

Referenced Bugs:

https://bugzilla.mindrot.org/show_bug.cgi?id=3270
[Bug 3270] Tracking bug for 8.6 release
bugzilla-daemon at mindrot.org
2021-Mar-11 21:07 UTC
[Bug 3277] Global ssh_config file permissions are not checked.
https://bugzilla.mindrot.org/show_bug.cgi?id=3277

balu <balu.gajjala at gmail.com> changed:

What    |Removed |Added
----------------------------------------------------------------------------
CC      |        |balu.gajjala at gmail.com
bugzilla-daemon at mindrot.org
2021-Mar-12 02:30 UTC
[Bug 3277] Global ssh_config file permissions are not checked.
https://bugzilla.mindrot.org/show_bug.cgi?id=3277

--- Comment #1 from Darren Tucker <dtucker at dtucker.net> ---
I'm wondering if there are use cases where someone might want to do this, eg
- making ssh_config group writable by an admin group
- using Match and Include to delegate a subset of the config to another group
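An added example, not OpenSSH source and not part of either message above: a standalone audit check modelled on the owner and mode test that ssh applies when SSHCONF_CHECKPERM is set (owner must be root or the calling user, no group or world write bit), with an optional admin group to cover the group-writable setup raised in Comment #1. The helper name `check_config_perms`, the `NO_ADMIN_GID` constant and the default path are assumptions for illustration; it targets POSIX systems.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

#define NO_ADMIN_GID ((gid_t)-1)	/* strict mode: no group write allowed */

enum perm_result { PERM_OK, PERM_BAD_OWNER, PERM_WRITABLE, PERM_ERROR };

/*
 * Hypothetical helper, not an OpenSSH function. Strict mode requires the
 * owner to be root or the caller and rejects any group or world write bit.
 * Passing admin_gid tolerates group write when the file's group is that gid.
 */
enum perm_result
check_config_perms(const char *path, gid_t admin_gid)
{
	struct stat sb;
	int fd, r;

	/* fstat the opened descriptor so the checked file is the one read */
	if ((fd = open(path, O_RDONLY)) == -1)
		return PERM_ERROR;
	r = fstat(fd, &sb);
	close(fd);
	if (r == -1)
		return PERM_ERROR;
	if (sb.st_uid != 0 && sb.st_uid != getuid())
		return PERM_BAD_OWNER;
	if (sb.st_mode & S_IWOTH)
		return PERM_WRITABLE;
	if ((sb.st_mode & S_IWGRP) &&
	    (admin_gid == NO_ADMIN_GID || sb.st_gid != admin_gid))
		return PERM_WRITABLE;
	return PERM_OK;
}

int
main(int argc, char **argv)
{
	/* Assumed default location; the real path is fixed at build time. */
	const char *path = argc > 1 ? argv[1] : "/etc/ssh/ssh_config";
	static const char *msg[] = { "ok", "bad owner", "group/world writable", "cannot open" };
	enum perm_result r = check_config_perms(path, NO_ADMIN_GID);

	printf("%s: %s\n", path, msg[r]);
	return r == PERM_OK ? EXIT_SUCCESS : EXIT_FAILURE;
}
```

Run from a periodic audit job, the non-zero exit status flags a global config that has drifted to group or world writable without changing how ssh itself behaves.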
bugzilla-daemon at mindrot.org
2021-Apr-23 04:49 UTC
[Bug 3277] Global ssh_config file permissions are not checked.
https://bugzilla.mindrot.org/show_bug.cgi?id=3277

Damien Miller <djm at mindrot.org> changed:

What    |Removed |Added
----------------------------------------------------------------------------
Blocks  |        |3302

Referenced Bugs:

https://bugzilla.mindrot.org/show_bug.cgi?id=3302
[Bug 3302] Tracking bug for openssh-8.7
bugzilla-daemon at mindrot.org
2021-Apr-23 04:50 UTC
[Bug 3277] Global ssh_config file permissions are not checked.
https://bugzilla.mindrot.org/show_bug.cgi?id=3277

--- Comment #2 from Damien Miller <djm at mindrot.org> ---
retarget after 8.6p1 release
bugzilla-daemon at mindrot.org
2021-Apr-23 04:51 UTC
[Bug 3277] Global ssh_config file permissions are not checked.
https://bugzilla.mindrot.org/show_bug.cgi?id=3277

Damien Miller <djm at mindrot.org> changed:

What    |Removed |Added
----------------------------------------------------------------------------
Blocks  |3270    |

Referenced Bugs:

https://bugzilla.mindrot.org/show_bug.cgi?id=3270
[Bug 3270] Tracking bug for 8.6 release
bugzilla-daemon at mindrot.org
2021-Jul-02 04:50 UTC
[Bug 3277] Global ssh_config file permissions are not checked.
https://bugzilla.mindrot.org/show_bug.cgi?id=3277

Damien Miller <djm at mindrot.org> changed:

What    |Removed |Added
----------------------------------------------------------------------------
CC      |        |djm at mindrot.org

--- Comment #3 from Damien Miller <djm at mindrot.org> ---
I'm inclined to agree and to not add additional checking - ssh should aim to protect the user against misconfiguration, but it's IMO overkill to detect serious admin misconfiguration.

On one hand, as Darren points out, a too strict definition of "misconfiguration" might break working setups. On the other, how far should a user tool go towards checking the system is in an expected state? Should it check the permissions on /etc/passwd? /dev/*? etc.
bugzilla-daemon at mindrot.org
2021-Aug-12 00:03 UTC
[Bug 3277] Global ssh_config file permissions are not checked.
https://bugzilla.mindrot.org/show_bug.cgi?id=3277

Damien Miller <djm at mindrot.org> changed:

What       |Removed |Added
----------------------------------------------------------------------------
Resolution |---     |WONTFIX
Status     |NEW     |RESOLVED

--- Comment #4 from Damien Miller <djm at mindrot.org> ---
Closing. Feel free to reopen if you have a good argument for this.
bugzilla-daemon at mindrot.org
2022-Feb-25 02:59 UTC
[Bug 3277] Global ssh_config file permissions are not checked.
https://bugzilla.mindrot.org/show_bug.cgi?id=3277

Damien Miller <djm at mindrot.org> changed:

What    |Removed  |Added
----------------------------------------------------------------------------
Status  |RESOLVED |CLOSED

--- Comment #5 from Damien Miller <djm at mindrot.org> ---
closing bugs resolved before openssh-8.9