bugzilla-daemon at bugzilla.mindrot.org
2012-Feb-06 16:31 UTC
[Bug 1976] New: sshd leaks stderr fd when run as 'sshd -D'
https://bugzilla.mindrot.org/show_bug.cgi?id=1976 Bug #: 1976 Summary: sshd leaks stderr fd when run as 'sshd -D' Classification: Unclassified Product: Portable OpenSSH Version: 5.9p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: unassigned-bugs at mindrot.org ReportedBy: james.hunt at ubuntu.com When run as 'sshd -D', the server calls server_accept_inetd(). This function sets stdin and stdout to /dev/null, but crucially does _not_ set stderr. As such, this fd is leaked from a privileged process (either the parent sshd or the priv-separation process for the user (for example "sshd: james [priv]")) to a non-priv process (for example "sshd: james at pts/0"). I suspect the rationale for leaving stderr as-is is to allow for debug-mode (where the user specifies '-d') such that debug information is written to stderr. However, if sshd is run exactly as 'sshd -D', no '-d' has been specified, so the user does not want debug output. Thus, even though the process does not daemonize, it should still dup stderr to /dev/null. -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2012-Feb-24 00:15 UTC
[Bug 1976] sshd leaks stderr fd when run as 'sshd -D'
https://bugzilla.mindrot.org/show_bug.cgi?id=1976 --- Comment #1 from Damien Miller <djm at mindrot.org> 2012-02-24 11:15:19 EST --- Created attachment 2131 --> https://bugzilla.mindrot.org/attachment.cgi?id=2131 close-stderr-inet.diff Close stderr except when -e specified -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug.
Apparently Analagous Threads
- [Bug 1976] sshd leaks stderr fd when run as 'sshd -D'
- [Bug 1976] sshd leaks stderr fd when run as 'sshd -D'
- close then select of stderr fd in client (openssh)
- [Bug 350] New: sshd leaks fd to pty for interactive sessions
- [Bug 2071] New: sshd closes stderr but not stdout when child process exits