bugzilla-daemon at bugzilla.mindrot.org
2009-Dec-02 05:03 UTC
[Bug 1679] New: chroot and shell check ambiguity
https://bugzilla.mindrot.org/show_bug.cgi?id=1679
Summary: chroot and shell check ambiguity
Product: Portable OpenSSH
Version: 5.3p1
Platform: Other
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: unassigned-bugs at mindrot.org
ReportedBy: alex at rtfs.hu
Created an attachment (id=1737)
--> (https://bugzilla.mindrot.org/attachment.cgi?id=1737)
Initial patch
OpenSSH will fail in a scenario where the server is configured with
chroot and a shell used by a user is not available outside, just inside
the chroot.
The reason behind this is that ssh checks whether the given shell is a
file and is executable, but this check doesn't take the chroot path
into account.
I also attach an initial patch diffed against CVS (checked out a few
minutes ago), which I am not happy with but it can stand here as a
record. I copied the chroot part from session.c.
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
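The check described in the report above, as an added example (not the attached patch and not OpenSSH's own code): the shell is tested at the path it will have once the session is chrooted. The names shell_ok and make_demo_chroot and the /tmp fixture are hypothetical, and the chroot directory is assumed to be already expanded.

```c
#define _DEFAULT_SOURCE
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <strings.h>
#include <sys/stat.h>

/* Hypothetical helper, not OpenSSH code: returns 1 if `shell` is a regular,
 * executable file at the path it will have after chroot(chroot_dir), else 0.
 * chroot_dir may be NULL or "none" (any case) to mean "no chroot". */
int shell_ok(const char *shell, const char *chroot_dir)
{
	char path[PATH_MAX];
	struct stat st;
	int n, chrooted;

	if (shell == NULL || shell[0] != '/')
		return 0;	/* only absolute shells can be prefixed safely */
	chrooted = chroot_dir != NULL && strcasecmp(chroot_dir, "none") != 0;
	n = snprintf(path, sizeof(path), "%s%s", chrooted ? chroot_dir : "", shell);
	if (n < 0 || (size_t)n >= sizeof(path))
		return 0;	/* truncated path: refuse rather than test another file */
	if (stat(path, &st) != 0 || !S_ISREG(st.st_mode))
		return 0;
	return (st.st_mode & (S_IXUSR | S_IXGRP | S_IXOTH)) != 0;
}

/* Constructed fixture: a temp directory standing in for the chroot, holding
 * an executable /demo-shell that exists only inside it. */
int make_demo_chroot(char *tmpl)
{
	char p[PATH_MAX];
	FILE *f;
	if (mkdtemp(tmpl) == NULL)
		return -1;
	snprintf(p, sizeof(p), "%s/demo-shell", tmpl);
	if ((f = fopen(p, "w")) == NULL)
		return -1;
	fclose(f);
	return chmod(p, 0755);
}

int main(void)
{
	char root[] = "/tmp/chroot-demo-XXXXXX";
	if (make_demo_chroot(root) != 0)
		return 1;
	printf("no prefix: %d, with chroot prefix: %d\n",
	    shell_ok("/demo-shell", NULL), shell_ok("/demo-shell", root));
	return 0;
}
```

Because the check runs before the chroot, stat() resolves a symlink with an absolute target against the real root, so such a shell can pass or fail here differently from how it behaves once chrooted.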
bugzilla-daemon at bugzilla.mindrot.org
2009-Dec-04 01:21 UTC
[Bug 1679] chroot and shell check ambiguity
https://bugzilla.mindrot.org/show_bug.cgi?id=1679
Alex Beregszaszi <alex at rtfs.hu> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #1737|0 |1
is obsolete| |
--- Comment #1 from Alex Beregszaszi <alex at rtfs.hu> 2009-12-04 12:21:29
EST ---
Created an attachment (id=1738)
--> (https://bugzilla.mindrot.org/attachment.cgi?id=1738)
Initial patch
Attached a wrong patch first.
bugzilla-daemon at bugzilla.mindrot.org
2010-Jan-04 02:13 UTC
[Bug 1679] chroot and shell check ambiguity
https://bugzilla.mindrot.org/show_bug.cgi?id=1679
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |djm at mindrot.org
Blocks| |1626
bugzilla-daemon at bugzilla.mindrot.org
2010-Jan-13 12:26 UTC
[Bug 1679] chroot and shell check ambiguity
https://bugzilla.mindrot.org/show_bug.cgi?id=1679
--- Comment #2 from Damien Miller <djm at mindrot.org> 2010-01-13 23:25:59 EST ---
Created an attachment (id=1777)
--> (https://bugzilla.mindrot.org/attachment.cgi?id=1777)
/home/djm/auth-check-chroot-shell.diff
tweaked patch
bugzilla-daemon at bugzilla.mindrot.org
2010-Jan-13 12:28 UTC
[Bug 1679] chroot and shell check ambiguity
https://bugzilla.mindrot.org/show_bug.cgi?id=1679
--- Comment #3 from Damien Miller <djm at mindrot.org> 2010-01-13 23:28:13 EST ---
Created an attachment (id=1778)
--> (https://bugzilla.mindrot.org/attachment.cgi?id=1778)
/home/djm/auth-check-chroot-shell.diff
oops, patch without tabs vs. space issues
bugzilla-daemon at bugzilla.mindrot.org
2010-Jan-13 12:28 UTC
[Bug 1679] chroot and shell check ambiguity
https://bugzilla.mindrot.org/show_bug.cgi?id=1679
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #1778| |ok?(dtucker at zip.com.au)
Flag| |
bugzilla-daemon at bugzilla.mindrot.org
2010-Jan-13 12:35 UTC
[Bug 1679] chroot and shell check ambiguity
https://bugzilla.mindrot.org/show_bug.cgi?id=1679
Darren Tucker <dtucker at zip.com.au> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #1778|ok?(dtucker at zip.com.au) |ok+
Flag| |
--- Comment #4 from Darren Tucker <dtucker at zip.com.au> 2010-01-13
23:35:44 EST ---
(From update of attachment 1778)
>+ strcasecmp(options.chroot_directory, "none") != 0) {
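Review bot: on the strcasecmp() line, any casing of "none" is treated as "no chroot", so this check and the code that performs the chroot need to compare the value the same way; if one of them is case-sensitive, a setting such as "None" makes the shell get checked at a different path from the one it is later run from. Consider sharing a single comparison between the two sites.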
Do we do case-insensitive matches on "none"?
bugzilla-daemon at bugzilla.mindrot.org
2010-Jan-13 23:50 UTC
[Bug 1679] chroot and shell check ambiguity
https://bugzilla.mindrot.org/show_bug.cgi?id=1679
--- Comment #5 from Damien Miller <djm at mindrot.org> 2010-01-14 10:50:29 EST ---
(In reply to comment #4)
> (From update of attachment 1778 [details])
> >+ strcasecmp(options.chroot_directory, "none") != 0) {
>
> Do we do case-insensitive matches on "none"?
We are inconsistent already, I'll send a diff to use case-insensitive
comparisons everywhere.
bugzilla-daemon at bugzilla.mindrot.org
2010-Jan-14 00:02 UTC
[Bug 1679] chroot and shell check ambiguity
https://bugzilla.mindrot.org/show_bug.cgi?id=1679
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |FIXED
--- Comment #6 from Damien Miller <djm at mindrot.org> 2010-01-14 11:02:05
EST ---
(In reply to comment #4)
> (From update of attachment 1778 [details])
> >+ strcasecmp(options.chroot_directory, "none") != 0) {
>
> Do we do case-insensitive matches on "none"?
This is consistent with the other match against "none" for
chrootdirectory, but in general we are not consistent in matching :(
Anyway, patch applied - this will be in OpenSSH 5.4 - thanks for the
report and patch!
bugzilla-daemon at bugzilla.mindrot.org
2010-Mar-25 23:50 UTC
[Bug 1679] chroot and shell check ambiguity
https://bugzilla.mindrot.org/show_bug.cgi?id=1679
Darren Tucker <dtucker at zip.com.au> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |CLOSED
--- Comment #7 from Darren Tucker <dtucker at zip.com.au> 2010-03-26
10:50:45 EST ---
With the release of 5.4p1, this bug is now considered closed.