bugzilla-daemon at bugzilla.mindrot.org
2008-Apr-28 12:29 UTC
[Bug 1461] New: session.c: don't chdir() after chroot() if chroot_path==pw->pw_dir
https://bugzilla.mindrot.org/show_bug.cgi?id=1461
Summary: session.c: don't chdir() after chroot() if
chroot_path==pw->pw_dir
Classification: Unclassified
Product: Portable OpenSSH
Version: 5.0p1
Platform: ix86
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: bitbucket at mindrot.org
ReportedBy: kondi at artegence.com
i have a setup where user directory is chroot directory
(ChrootDirectory %h). after user logs in it's presented with error
"Could not chdir to home directory /home/vhosts/user: No such file or
directory" which doesn't make sense with this setup and leaks
information about paths above chroot.
i expect that user should be left in chroot's root (from chdir() and
chroot() sequence in safely_chroot()) or chdir to $HOME setup by
pam_env.
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2008-Jun-14 18:20 UTC
[Bug 1461] session.c: don't chdir() after chroot() if chroot_path==pw->pw_dir
https://bugzilla.mindrot.org/show_bug.cgi?id=1461 --- Comment #1 from Damien Miller <djm at mindrot.org> 2008-06-15 04:20:30 --- Created an attachment (id=1524) --> (http://bugzilla.mindrot.org/attachment.cgi?id=1524) suppress chdir failure warning when ChrootDirectory set Patch for OpenBSD -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2008-Jun-14 18:21 UTC
[Bug 1461] session.c: don't chdir() after chroot() if chroot_path==pw->pw_dir
https://bugzilla.mindrot.org/show_bug.cgi?id=1461 --- Comment #2 from Damien Miller <djm at mindrot.org> 2008-06-15 04:21:42 --- Created an attachment (id=1525) --> (http://bugzilla.mindrot.org/attachment.cgi?id=1525) suppress chdir failure warning when ChrootDirectory set (portable) portable OpenSSH patch -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2008-Jun-14 18:23 UTC
[Bug 1461] session.c: don't chdir() after chroot() if chroot_path==pw->pw_dir
https://bugzilla.mindrot.org/show_bug.cgi?id=1461
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Platform|ix86 |All
OS/Version|Linux |All
CC| |djm at mindrot.org
Blocks| |1452
--- Comment #3 from Damien Miller <djm at mindrot.org> 2008-06-15
04:23:20 ---
Please try one of the attached patches. They simply suppress the
warning when ChrootDirectory is set and the login does not require a
home directory.
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2008-Jun-14 18:29 UTC
[Bug 1461] session.c: don't chdir() after chroot() if chroot_path==pw->pw_dir
https://bugzilla.mindrot.org/show_bug.cgi?id=1461
Darren Tucker <dtucker at zip.com.au> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #1524| |ok+
Flag| |
--- Comment #4 from Darren Tucker <dtucker at zip.com.au> 2008-06-15
04:29:35 ---
(From update of attachment 1524)
You misspelled "homdir", but otherwise ok
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2008-Jun-14 18:32 UTC
[Bug 1461] session.c: don't chdir() after chroot() if chroot_path==pw->pw_dir
https://bugzilla.mindrot.org/show_bug.cgi?id=1461
Darren Tucker <dtucker at zip.com.au> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #1525| |ok+
Flag| |
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2008-Jun-14 19:47 UTC
[Bug 1461] session.c: don't chdir() after chroot() if chroot_path==pw->pw_dir
https://bugzilla.mindrot.org/show_bug.cgi?id=1461
Darren Tucker <dtucker at zip.com.au> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |FIXED
CC| |dtucker at zip.com.au
--- Comment #5 from Darren Tucker <dtucker at zip.com.au> 2008-06-15
05:47:17 ---
This has now been applied and will be in the next release (5.1) and
tomorrow's snapshots (http://www.mindrot.org/openssh_snap/).
Thanks.
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2008-Jul-22 02:22 UTC
[Bug 1461] session.c: don't chdir() after chroot() if chroot_path==pw->pw_dir
https://bugzilla.mindrot.org/show_bug.cgi?id=1461
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |CLOSED
--- Comment #6 from Damien Miller <djm at mindrot.org> 2008-07-22
12:22:00 ---
Mass update RESOLVED->CLOSED after release of openssh-5.1
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.