bugzilla-daemon at bugzilla.mindrot.org
2017-May-25 20:32 UTC
[Bug 2723] New: drop two additional privileges (DAX_ACCESS and SYS_IB_INFO) from solaris sandbox
https://bugzilla.mindrot.org/show_bug.cgi?id=2723
Bug ID: 2723
Summary: drop two additional privileges (DAX_ACCESS and
SYS_IB_INFO) from solaris sandbox
Product: Portable OpenSSH
Version: 7.5p1
Hardware: Sparc
OS: Solaris
Status: NEW
Severity: normal
Priority: P5
Component: sshd
Assignee: unassigned-bugs at mindrot.org
Reporter: huieying.lee at oracle.com
Created attachment 2984
--> https://bugzilla.mindrot.org/attachment.cgi?id=2984&action=edit
drop_more_priv_in_solaris_sandbox
In the "solaris" sandbox at the pre-authentication phase, many
privileges are deleted from the privilege separation child process.
Attached patch is to drop two additional privileges, PRIV_DAX_ACCESS
and PRIV_SYS_IB_INFO, from the "solaris" sandbox.
Note that PRIV_DAX_ACCESS and PRIV_SYS_IB_INFO are supported in newer
Solaris releases, for example, S11U3.
--
You are receiving this mail because:
You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2017-Jun-09 04:45 UTC
[Bug 2723] drop two additional privileges (DAX_ACCESS and SYS_IB_INFO) from solaris sandbox
https://bugzilla.mindrot.org/show_bug.cgi?id=2723
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |djm at mindrot.org
Status|NEW |RESOLVED
Blocks| |2698
Resolution|--- |FIXED
--- Comment #1 from Damien Miller <djm at mindrot.org> ---
Applied - thanks. This will be in the OpenSSH 7.6 release
Referenced Bugs:
https://bugzilla.mindrot.org/show_bug.cgi?id=2698
[Bug 2698] Tracking bug for OpenSSH 7.6 release
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
bugzilla-daemon at mindrot.org
2021-Apr-23 04:55 UTC
[Bug 2723] drop two additional privileges (DAX_ACCESS and SYS_IB_INFO) from solaris sandbox
https://bugzilla.mindrot.org/show_bug.cgi?id=2723
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |CLOSED
--- Comment #2 from Damien Miller <djm at mindrot.org> ---
closing resolved bugs as of 8.6p1 release
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
Possibly Parallel Threads
- Announce: OpenSSH 7.6 released
- Announce: OpenSSH 7.6 released
- [Bug 2242] New: add DisableBanner option to the ssh client command
- [Bug 2246] New: PAM enhancements for OpenSSH server
- [Bug 2399] New: openssh server should fatal out when pam_setcred and pam_open_session fail