bugzilla-daemon at bugzilla.mindrot.org
2009-Jan-07 20:29 UTC
[Bug 1549] New: change in remote command execution behavior
https://bugzilla.mindrot.org/show_bug.cgi?id=1549 Summary: change in remote command execution behavior Product: Portable OpenSSH Version: 5.1p1 Platform: amd64 OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: unassigned-bugs at mindrot.org ReportedBy: kaizaad at sharcnet.ca I have sent the following info the the list: http://marc.info/?l=openssh-unix-dev&m=122901533604841&w=2 but have not heard anything. Can this be classified as a bug, even though it is working as documented _but_ is a drastic change in behavior from the previous versions (don't know how far this goes back)? I have reproduced the output here: OS and kernel: Red Hat Enterprise Linux AS release 4 (Nahant Update 5) Linux host135 2.6.9-67.9hp.7sp.XCsmp #1 SMP Thu Jul 3 18:55:59 EDT 2008 x86_64 x86_64 x86_64 GNU/Linux built both openssh-5.0p1 and openssh-5.1p1 with the following options: ./configure --prefix=/usr --libexecdir=/usr/libexec/openssh --localstatedir=/var/empty/sshd \ --sysconfdir=/etc/ssh --with-pam --with-md5-passwords --with-zlib=/home/XXX/software/zlib-1.2.3 \ --with-tcp-wrappers With everything else being identical and just swapping the sshd binaries, I noticed the following: # ssh -v host135 debug1: match: OpenSSH_5.0 pat OpenSSH* ...snip # ssh host135 'echo $PATH' /opt/octave/current:/opt/mpiblast/current/bin:/opt/lammps/current/bin:/opt/dlpoly/current/execute: ...snip # ssh -v host135 debug1: match: OpenSSH_5.1 pat OpenSSH* ...snip # ssh host135 'echo $PATH' /usr/bin:/bin:/usr/sbin:/sbin According to the docs, the behavior exhibited by v5.1 is correct, remote command execution should not process the user's login shell and env. But why was this happening in v5.0? I can't find anything in the 5.1 change log that explains this change in behavior. -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2009-Jan-21 11:15 UTC
[Bug 1549] change in remote command execution behavior
https://bugzilla.mindrot.org/show_bug.cgi?id=1549 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |djm at mindrot.org --- Comment #1 from Damien Miller <djm at mindrot.org> 2009-01-21 22:15:15 --- This is due to a change in sshd interacting with a hack in bash. sshd used to spawn session shells and communicate with them over a socketpair() on some platforms but in 5.1 we changed this to pipe()s everwhere to support proper half-closed semantics (see bug #85 for the gory details). Apparently bash behaved differently when started when stdin is a pipe to when it is a socket, and would only source .bashrc when it is a socket. I'm not sure the reason for this behaviour - sshd has used pipes to communicate with the shell on some platforms for many years, so at best this only worked by accident. https://bugzilla.redhat.com/show_bug.cgi?id=458839 has some more details on this. I think the fix needs to be in bash. -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2009-Jan-23 14:25 UTC
[Bug 1549] change in remote command execution behavior
https://bugzilla.mindrot.org/show_bug.cgi?id=1549 kaizaad at sharcnet.ca changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |WORKSFORME --- Comment #2 from kaizaad at sharcnet.ca 2009-01-24 01:25:45 --- Hello Damien, Appreciate the explanation. thanks -k -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2009-Feb-23 02:36 UTC
[Bug 1549] change in remote command execution behavior
https://bugzilla.mindrot.org/show_bug.cgi?id=1549 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED --- Comment #3 from Damien Miller <djm at mindrot.org> 2009-02-23 13:36:49 --- Close bugs fixed/reviewed for openssh-5.2 release -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug. You are watching someone on the CC list of the bug.