bugzilla-daemon at bugzilla.mindrot.org
2009-Sep-01 11:09 UTC
[Bug 1643] New: Set FD_CLOEXEC on client socket
https://bugzilla.mindrot.org/show_bug.cgi?id=1643
Summary: Set FD_CLOEXEC on client socket
Product: Portable OpenSSH
Version: 5.2p1
Platform: Other
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: unassigned-bugs at mindrot.org
ReportedBy: jchadima at redhat.com
--- Comment #0 from jchadima at redhat.com 2009-09-01 21:09:46 EST ---
Set FD_CLOEXEC on various sockets so they are not leaked to child
processes
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2009-Sep-01 11:11 UTC
[Bug 1643] Set FD_CLOEXEC on client socket
https://bugzilla.mindrot.org/show_bug.cgi?id=1643 --- Comment #1 from jchadima at redhat.com 2009-09-01 21:11:13 EST --- Created an attachment (id=1690) Patch solving the problem -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2009-Sep-01 12:30 UTC
[Bug 1643] Set FD_CLOEXEC on client socket
https://bugzilla.mindrot.org/show_bug.cgi?id=1643
Darren Tucker <dtucker at zip.com.au> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |dtucker at zip.com.au
--- Comment #2 from Darren Tucker <dtucker at zip.com.au> 2009-09-01
22:30:09 EST ---
Are any descriptors actually leaked and if so under what conditions?
There's a:
closefrom(STDERR_FILENO + 1);
in session.c:do_exec() which is called for all login types.
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2009-Sep-01 13:05 UTC
[Bug 1643] Set FD_CLOEXEC on client socket
https://bugzilla.mindrot.org/show_bug.cgi?id=1643
Tomas Mraz <t8m at centrum.cz> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |t8m at centrum.cz
--- Comment #3 from Tomas Mraz <t8m at centrum.cz> 2009-09-01 23:05:35 EST
---
They are leaked to the xauth child when executed on client for example.
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2009-Oct-22 23:27 UTC
[Bug 1643] Set FD_CLOEXEC on client socket
https://bugzilla.mindrot.org/show_bug.cgi?id=1643 --- Comment #4 from Darren Tucker <dtucker at zip.com.au> 2009-10-23 10:27:33 EST --- ok, sounds reasonable, we should probably make it a helper function in misc.c -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2009-Oct-22 23:55 UTC
[Bug 1643] Set FD_CLOEXEC on client socket
https://bugzilla.mindrot.org/show_bug.cgi?id=1643
Darren Tucker <dtucker at zip.com.au> changed:
What |Removed |Added
----------------------------------------------------------------------------
Blocks| |1626
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2009-Nov-10 04:31 UTC
[Bug 1643] Set FD_CLOEXEC on client socket
https://bugzilla.mindrot.org/show_bug.cgi?id=1643
Darren Tucker <dtucker at zip.com.au> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |FIXED
--- Comment #5 from Darren Tucker <dtucker at zip.com.au> 2009-11-10
15:31:26 EST ---
Thanks for the patch, this has been committed and will be in the 5.4
release.
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2010-Mar-25 23:51 UTC
[Bug 1643] Set FD_CLOEXEC on client socket
https://bugzilla.mindrot.org/show_bug.cgi?id=1643
Darren Tucker <dtucker at zip.com.au> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |CLOSED
--- Comment #6 from Darren Tucker <dtucker at zip.com.au> 2010-03-26
10:51:37 EST ---
With the release of 5.4p1, this bug is now considered closed.
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
Apparently Analagous Threads
- [Bug 1701] New: FIPS-140-2 requires call to RAND_cleanup() before the program using RAND exits
- [Bug 1641] New: Add SELinux roles
- [Bug 1676] New: Add NSS keys support
- [Bug 1671] New: Openssh does not run with the openssl 1.0.0-beta4
- [Bug 1644] New: Allow ip options except source routing