bugzilla-daemon at bugzilla.mindrot.org
2007-Jul-11 13:02 UTC
[Bug 396] sshd orphans processes when no pty allocated
http://bugzilla.mindrot.org/show_bug.cgi?id=396 --- Comment #12 from Matthieu Hautreux <matthieu.hautreux at cea.fr> 2007-07-11 23:02:19 --- Created an attachment (id=1324) --> (http://bugzilla.mindrot.org/attachment.cgi?id=1324) Modified patch for openSSH-4.6p1 Modified patch for the Openssh 4.6p1 release This patch add an option in sshd_config (RemoteCommandCleanup no|(yes)) that enables sshd to send a HUP signal to child process group when no tty was allocated (remote command execution) and session is closing. The signal must be send to process group because child process is often the user shell invoked to launch the real command. I think that this problem should be solve in the next openSSH release. It causes a lot of orphan processes on the server and wastes resources. Furthermore, in a secure environment, you need a forwarded credential to access the file system, credential is removed when sshd exits and then the file system can no longer be accessed. There is no reason to let processes run if they are not allowed to access FS. -- Configure bugmail: http://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug. You are watching the reporter.